Security News > 2022 > June

Microsoft is warning that toll fraud malware is one of the most prevalent threats on Android and that it is evolving with features that allow automatic subscription to premium services. In a report today, Microsoft shares technical details on how toll fraud malware works and how it can be prevented on Android.

The notorious North Korea-backed hacking collective Lazarus Group is suspected to be behind the recent $100 million altcoin theft from Harmony Horizon Bridge, citing similarities to the Ronin bridge attack in March 2022. The finding comes as Harmony confirmed that its Horizon Bridge, a platform that allows users to move cryptocurrency across different blockchains, had been breached last week.

A former Canadian government employee this week agreed to plead guilty in the U.S. to charges related to his involvement with the NetWalker ransomware syndicate. The 34-year-old IT consultant from Gatineau, Quebec, was initially apprehended in January 2021 following a coordinated law enforcement operation to dismantle the dark web infrastructure used by the NetWalker ransomware cybercrime group to publish data siphoned from its victims.

One of the commissioners of the U.S. Federal Communications Commission has renewed calls asking for Apple and Google to boot the popular video-sharing platform TikTok from their app stores citing "Its pattern of surreptitious data practices." "It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being combined with Beijing's apparently unchecked access to that sensitive data," Brendan Carr, a Republican member of the FCC, wrote in a letter to Apple and Google's chief executives.

Google's Threat Analysis Group on Thursday disclosed it had acted to block as many as 36 malicious domains operated by hack-for-hire groups from India, Russia, and the U.A.E. In a manner analogous to the surveillanceware ecosystem, hack-for-hire firms equip their clients with capabilities to enable targeted attacks aimed at corporates as well as activists, journalists, politicians, and other high-risk users. "The hack-for-hire landscape is fluid, both in how the attackers organize themselves and in the wide range of targets they pursue in a single campaign at the behest of disparate clients," Shane Huntley, director of Google TAG, said in a report.

An employee of OpenSea's email delivery vendor Customer.io "Misused" their access to download and share OpenSea users' and newsletter subscribers' email addresses "With an unauthorized external party," Head of Security Cory Hardman warned on Wednesday. "If you have shared your email with OpenSea in the past, you should assume you were impacted," Hardman continued.

Jenkins, an open-source automation server for continuous integration and delivery, has published 34 security advisories covering 25 plugins used to extend the software. The June 30 advisory follows a similar advisory from June 22, covering 28 plugins and Jenkins core software.

Researchers from Lumen Technologies' Black Lotus Labs say they've identified at least 80 targets infected by the stealthy malware, including routers made by Cisco, Netgear, Asus, and DrayTek. Dubbed ZuoRAT, the remote access Trojan is part of a broader hacking campaign that has existed since at least the fourth quarter of 2020 and continues to operate.

How traditional security tools fail to protect companies against ransomware. A report released Thursday by cybersecurity firm Titaniam looks at the inability of traditional security products to protect against ransomware in particular.

In addition to that portal, data was exposed on several other online dashboards provided the state, including: Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Safety Certificate, and Gun Violence Restraining Order dashboards. The Cali DOJ noted that the dashboards and data were available to the public "For less than 24 hours," and the information exposed included names, dates of birth, gender, race, driver license numbers, addresses, and criminal histories.