UK, US, Australia issue joint advisory: Ransomware on the loose, critical national infrastructure affected
2022-02-09 16:28

Ransomware attacks are proliferating as criminals turn to gangs providing turnkey post-compromise services, Britain's National Cyber Security Centre has warned. The warning comes hot on the heels of several high-profile attacks against oil distribution companies and also businesses that operate ports in the West - though today's note insists there was a move by criminals away from "big game hunting" against US targets.

Ransomware dev releases Egregor, Maze master decryption keys
2022-02-09 15:26

The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums by the alleged malware developer. The Maze ransomware began operating in May 2019 and quickly rose to fame as they were responsible for the use of data theft and double-extortion tactics now used by many ransomware operations.

Meta and Chime sue Nigerians behind Facebook, Instagram phishing
2022-02-09 15:10

Meta has filed a joint lawsuit with Chime, a financial technology and digital banking company, against two Nigerian individuals who allegedly used Instagram and Facebook accounts to impersonate Chime and target its users in phishing attacks. The two defendants, Arafat Eniola Arowokoko and Arowokoko Afeez Opeyemi, presumably used a network of at least five Facebook accounts and over 800 Instagram accounts to impersonate the fintech company, attempting to take over customers' accounts.

How to enable end-to-end encryption in Facebook Messenger
2022-02-09 15:07

End-to-end encryption is not enabled by default in Facebook Messenger.

MoleRats APT Flaunts New Trojan in Latest Cyberespionage Campaign
2022-02-09 14:03

Known Palestinian threat actor MoleRats is likely behind a recent malicious email campaign targeting Middle Eastern governments, foreign-policy think tanks and a state-affiliated airline with a new intelligence-gathering trojan dubbed NimbleMamba, researchers said. Researchers from Proofpoint said they have observed a spear-phishing campaign using multiple vectors since November that they believe is the work of TA402, more commonly known as MoleRats and linked to the Palestinian Territories, according to a report posted online Tuesday.

End of 2021 witnessed an explosion of RDP brute-force attacks
2022-02-09 14:03

RDP brute-force attacks continue to be one of the most used attack vectors for breaching enterprise networks, ESET's latest Threat Report has revealed. RDP brute-force attacks escalated throughout all of 2020 and 2021, and the last four months of 2021 brought a further acceleration, with an increase of 274%. But while the intensity of these attacks is growing, detections by the company's solutions show that the number of targets has been gradually shrinking - "although it doesn't seem like the rampage is about to end any time soon."

Ex-Gumshoe Nabs Cybercrooks with FBI Tactics
2022-02-09 14:00

Crane Hassold, former FBI analyst turned director of threat intel at Abnormal Security, shares stories from his covert work with cyberattackers. "Behavioral characteristics and motivations of cybercriminals in the real world and virtual world are the same," said Crane Hassold, who helped to create the CBAC after spending more than 11 years as an FBI analyst, offering strategic and tactical analytical support to cyber, financial crime and violent crime cases.

Fake Windows 11 upgrade installers infect you with RedLine malware
2022-02-09 12:58

Threat actors have started distributing fake Windows 11 upgrade installers to users of Windows 10, tricking them into downloading and executing RedLine stealer malware. The timing of the attacks coincides with the moment that Microsoft announced Windows 11's broad deployment phase, so the attackers were well-prepared for this move and waited for the right moment to maximize their operation's success.

FBI warns of criminals escalating SIM swap attacks to steal millions
2022-02-09 12:30

The Federal Bureau of Investigation says criminals have escalated SIM swap attacks to steal millions by hijacking victims' phone numbers. "From January 2018 to December 2020, the FBI Internet Crime Complaint Center received 320 complaints related to SIM swapping incidents with adjusted losses of approximately $12 million. In 2021, IC3 received 1,611 SIM swapping complaints with adjusted losses of more than $68 million."

Breaking 256-bit Elliptic Curve Encryption with a Quantum Computer
2022-02-09 12:25

Finally, we calculate the number of physical qubits required to break the 256-bit elliptic curve encryption of keys in the Bitcoin network within the small available time frame in which it would actually pose a threat to do so. It would require 317 × 10^6 physical qubits to break the encryption within one hour using the surface code, a code cycle time of 1 μs, a reaction time of 10 μs, and a physical gate error of 10^-3.