Security News > 2022 > August

According to the US state's Department of Financial Services on Monday, Robinhood Crypto didn't hire sufficient staff and didn't invest in other resources for its anti-money-laundering and cybersecurity compliance programs. "As its business grew, Robinhood Crypto failed to invest the proper resources and attention to develop and maintain a culture of compliance - a failure that resulted in significant violations of the Department's anti-money laundering and cybersecurity regulations," New York's Superintendent of Financial Services Adrienne Harris said.

Microsoft has released new Windows 11 builds to the Beta Channel with improved Microsoft Defender for Endpoint ransomware attack blocking capabilities. "We enhanced Microsoft Defender for Endpoint's ability to identify and intercept ransomware and advanced attacks," Microsoft's Amanda Langowski and Brandon LeBlanc said.

Cryptocurrency protocol Nomad describes itself as "An optimistic interoperability protocol that enables secure cross-chain communication," and promises that it's a "Security-first cross-chain messaging protocol." Some Twitterati are already using the word rugpull, a pejorative phrase in the cryptocoin world, used to imply that a cryptocurrency hack was some sort of inside job, enabled or carried out on purpose.

Cybercriminals are turning to messaging apps like Telegram and Discord as alternatives to popular underground forums: not only for the private communications and security features but also as avenues for spreading malware. The migration to Telegram and Discord illustrates the dynamic nature of criminal groups and the world in which they operate, according to Garrett Carstens, director of intel collection management at the company.

German power electronics manufacturer Semikron has disclosed that it was hit by a ransomware attack that partially encrypted the company's network. "The SEMIKRON Group has been the victim of a cyber attack by a professional hacker group. As part of this attack, the perpetrators have claimed to have stolen data from our system," the company revealed in a statement published Monday.

How to remove and overwrite all data on a hard drive for free in Windows 11 We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. One of these parameters will not only format a hard drive for Windows operating system use, but it will also overwrite all data already on the drive with random numbers.

One of the primary methods used by malware distributors to infect devices is by deceiving people into downloading and running malicious files, and to achieve this deception, malware authors are using a variety of tricks. Some of these tricks include masquerading malware executables as legitimate applications, signing them with valid certificates, or compromising trustworthy sites to use them as distribution points.

Security researchers have discovered a new vulnerability called ParseThru affecting Golang-based applications that could be abused to gain unauthorized access to cloud-based applications. "The newly discovered vulnerability allows a threat actor to bypass validations under certain conditions, as a result of the use of unsafe URL parsing methods built in the language," Israeli cybersecurity firm Oxeye said in a report shared with The Hacker News.

A former owner of a T-Mobile retail store in California has been found guilty of a $25 million scheme where he illegally accessed T-Mobile's internal systems to unlock and unblock cell phones. "From August 2014 to June 2019, Khudaverdyan fraudulently unlocked and unblocked cellphones on T-Mobile's network, as well as the networks of Sprint, AT&T and other carriers," details the announcement of the U.S. Department of Justice.

VMware has warned admins today to patch a critical authentication bypass security flaw affecting local domain users in multiple products and enabling unauthenticated attackers to gain admin privileges. "This critical vulnerability should be patched or mitigated immediately per the instructions in VMSA," VMware warned.