Security News > 2021

A money-laundering fraud ring is targeting donation sites, taking advantage of the outpouring of charity sparked by the global pandemic. Dubbed Cart Crasher by the Sift security firm, the fraud ring leverages guest checkout options on donation sites to steal money and launder stolen payment cards.

A nonsense tweet sent out from the official account of U.S. Strategic Command is no reason for alarm, according to the department. "Filed a FOIA request with U.S. Strategic Command to see if I could learn anything about their gibberish tweet yesterday," Thalen wrote.

Google's Threat Analysis Group says that North Korean government-sponsored hackers are once again targeting security researchers using fake Twitter and LinkedIn social media accounts. The hackers also created a website for a fake company named SecuriElite and supposedly offering offensive security services as the Google security team focused on hunting down state-backed hackers discovered on March 17.

Google offers a password checking service that will check all of your Chrome-saved passwords for weaknesses and against known breaches. With a tool called Password Checkup, the Google AI will comb through your vast array of authentication credentials to let you know if you have a password associated with a breach.

The Dutch Data Protection Authority announced on Wednesday that it has issued a fine of €475,000 to online travel agency Booking.com for failing to report a data security incident within the required timeframe. According to the privacy watchdog, the incident took place in December 2018 and it involved cybercriminals using voice phishing and social engineering to trick the employees of 40 hotels in the United Arab Emirates into handing over their credentials for their Booking.com accounts.

For the past two months, security researchers have been waging an online battle against a new 'BazarCall' malware that uses call centers to distribute some of the most damaging Windows malware. The new malware was discovered being distributed by call centers in late January and is named BazarCall, or BazaCall, as the threat actors initially used it to install the BazarLoader malware.

Threat actors target gamers with backdoored game tweaks, patches, and cheats hiding malware capable of stealing information from infected systems. Cisco Talos researchers who spotted multiple campaigns using these tactics said that they've "Seen several small tools looking like game patches, tweaks or modding tools" backdoored with obfuscated malware.

Living Security, an Austin, Texas-based company that specializes in cybersecurity awareness training, on Tuesday announced that it raised $14 million in a Series B funding round. The round was led by Updata Partners, with participation from Silverton Partners, Active Capital, Rain Capital and SaaS Venture Partners.

Malware is being hidden in seemingly legitimate files that gamers download to install cheat codes or modifications, says Cisco Talos. Cybercriminals have launched a new malware attack aimed at video game players.

Britain's 2021 Defence Review states that the nation will not use nuclear weapons against any non-nuclear state party to the Treaty on the Non-Proliferation of Nuclear Weapons 1968. Around the same time, the UK Attorney General, Jeremy Wright QC MP, said, "The UK considers it is clear that cyber operations that result in, or present an imminent threat of, death and destruction on an equivalent scale to an armed attack will give rise to an inherent right to take action in self-defense, as recognized in Article 51 of the UN Charter."