Security News > 2022 > October

India's Central Bureau of Investigation on Monday disclosed that it has detained a Russian national for allegedly hacking into a software platform used to conduct engineering entrance assessments in the country in 2021. "The said accused was detained by the Bureau of Immigration at Indira Gandhi International Airport, Delhi while arriving in India from Almaty, Kazakhstan," the primary investigating agency said in a press release.

In a perfect example of there being no honor among thieves, a threat actor named 'Water Labbu' is hacking into cryptocurrency scam sites to inject malicious JavaScript that steals funds from the scammer's victims. In July, the FBI warned of scam 'dApps' that impersonated cryptocurrency liquidity mining services but, in reality, stole a victim's crypto investments.

Scammers of this sort are typically based in high-pressure criminal call centres outside your country, but they make use of internet-based calling services that costs pennies a minute to make calls anywhere in the world, yet show up on your phone with a local number to give them an air of legitimacy and traceability. Sometimes the callers aren't quite scammers, and they really are based in your country, working for a registered company, calling from a number that really is local.

Optus confirmed yesterday that 2.1 million customers had government identification numbers compromised during a cyberattack last month. In an investigation, Optus confirmed that a total of 2.1 million customers had valid or expired ID document numbers exposed to the hackers.

Microsoft is warning Exchange Online users about a rise in password spray attacks, urging those that have yet to disable Basic Authentication to at least set up authentication policies to protect their users and data. For three years, Microsoft been weaning popular software offerings like Outlook Desktop and Outlook Mobile App off Basic Auth in favor of more secure user authentication methods.

The Cheerscrypt ransomware has been linked to a Chinese hacking group named 'Emperor Dragonfly,' known to frequently switch between ransomware families to evade attribution. The ransomware gang is tracked under different names, such as Bronze Starlight and DEV-0401, and has been seen using a wide variety of ransomware families since 2021.

A popular Chinese-language YouTube channel has emerged as a means to distribute a trojanized version of a Windows installer for the Tor Browser. The malicious version of the Tor Browser installer is being distributed via a link present in the description of a video that was uploaded to YouTube on January 9, 2022.

Researchers have disclosed details about a now-patched high-severity security flaw in Packagist, a PHP software package repository, that could have been exploited to mount software supply chain attacks. Packagist is used by the PHP package manager Composer to determine and download software dependencies that are included by developers in their projects.

The Federal Bureau of Investigation warns of a rise in 'Pig Butchering' cryptocurrency scams used to steal ever-increasing amounts of crypto from unsuspecting investors. Pig Butchering is a relatively new social engineering scam where fraudsters contact people on social media and build trust by engaging in long-term communication, establishing the idea of a fabricated friendship or romantic partnership.

How Oso's security-as-code approach to authorization might change how you think about security. Oso, which just announced today the general availability of Oso Cloud, offers an open source policy engine for authorization that represents security as code so developers can express security as a natural extension of their applications.