Interpol Nabs 3 Nigerian Scammers Behind Malware-based Attacks
2022-05-30 23:59

Interpol on Monday announced the arrest of three suspected global scammers in Nigeria for using remote access trojans such as Agent Tesla to facilitate malware-enabled cyber fraud. The law enforcement agency said that the suspects systematically used Agent Tesla to breach business computers and divert financial transactions to bank accounts under their control.

Australian digital driving licenses can be defaced in minutes
2022-05-30 23:31

New South Wales, Australia's most populous state, launched its digital driving license (DDL) program in 2019, and as of 2021 officials there said that slightly more than half of the state's eight million people use the "Service NSW" app that displays the DDL and offers access to many other government services. "The DDL is hosted securely on the new Service NSW app, locks with a PIN and can be accessed offline. It will provide additional levels of security and protection against identity fraud, compared to the plastic driver licence," NSW Minister for Customer Service Victor Dominello said in 2019 when the service launched.

Interpol Arrests Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks
2022-05-30 22:16

A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force. "The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and business email compromise schemes targeting companies and individual victims," Interpol said in a statement.

Nearly 100,000 NPM Users' Credentials Stolen in GitHub OAuth Breach
2022-05-30 21:12

Cloud-based repository hosting service GitHub on Friday shared additional details into the theft of GitHub integration OAuth tokens last month, noting that the attacker was able to access internal NPM data and its customer information. "Using stolen OAuth user tokens originating from two third-party integrators, Heroku and Travis CI, the attacker was able to escalate access to NPM infrastructure," Greg Ose said, adding the attacker then managed to obtain a number of files -.

EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities
2022-05-30 21:11

A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems. "The malware is rapidly adopting one-day vulnerabilities as part of its exploitation capabilities," AT&T Alien Labs said in a technical write-up published last week.

Vodafone plans carrier-level user tracking for targeted ads
2022-05-30 20:00

Vodafone is piloting a new advertising ID system called TrustPid, which will work as a persistent user tracker at the mobile Internet Service Provider level. The mobile carrier plans to assign a fixed ID to each customer and associate all user activity with it.

Italy warns organizations to brace for incoming DDoS attacks
2022-05-30 18:10

"There continue to be signs and threats of possible imminent attacks against, in particular, national public entities, private entities providing a public utility service or private entities whose image is identified with the country of Italy," explains the public alert. The signs are posts from the Killnet group's Telegram channel that incited 'massive and unprecedented' attacks against Italy.

Zero-day vuln in Microsoft Office: 'Follina' will work even when macros are disabled
2022-05-30 18:01

Infosec researchers have identified a zero-day code execution vulnerability in Microsoft's ubiquitous Office software. Dubbed "Follina", the vulnerability has been floating around for a while and uses Office functionality to retrieve an HTML file which in turn makes use of the Microsoft Support Diagnostic Tool to run some code.

Beware the Smish! Home delivery scams with a professional feel…
2022-05-30 17:59

Home delivery scams, where the crooks falsely apologise to you for not delivering your latest parcel, have been around for years. As we have unfortunately needed to say many times on Naked Security, these scams seem to have become steadily more professional-looking during the pandemic, as more and more people have got into the habit of ordering deliveries for everyday shopping instead of heading into stores.

Google quietly bans deepfake training projects on Colab
2022-05-30 16:13

Google has quietly banned deepfake projects on its Colaboratory service, putting an end to the large-scale utilization of the platform's resources for this purpose. Colab is an online computing resource that allows researchers to run Python code directly through the browser while using free computing resources, including GPUs, to power their projects.