Security News > 2022 > November

Robin Banks, the phishing-as-a-service platform that was kicked off Cloudflare for malicious activity, is back in action with a Russian service provider and new tools to make it easier to bypass security measures. IronNet's Threat Research unit first wrote about Robin Banks in July, detailing a threat group that was selling phishing kits to cybercriminals who then would use those tools to steal credentials and financial data of people in the US, the UK, Canada, and Australia.

Citrix is urging customers to install security updates for a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway."Note that only appliances that are operating as a Gateway are affected by the first issue, which is rated as a Critical severity vulnerability," explains the Citrix security bulletin.

Experian and T-Mobile have reached separate settlements with 40 US states following a pair of data breaches in 2012 and 2015. Experian will be bearing the largest brunt of the fine, with $14 million coming from the credit reporting company.

The Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned. The document contains a malicious VBA macro that, when enabled by the victim, runs a PowerShell command to download and run Amadey.

An Instagram influencer known as 'Hushpuppi' has been sentenced to 11 years in prison for conspiring to launder tens of millions of USD from business email compromise scams and various cyber schemes. The 40-year-old Nigerian's real name is Ramon Olorunwa Abbas, and was ordered to pay restitution of $1,732,841 to two confirmed victims, a law firm in the U.S. and a businessperson in Qatar.

Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader. Observed in the wild since circa 2013, SmokeLoader functions as a generic loader capable of distributing additional payloads onto compromised systems, such as information-stealing malware and other implants.

Webinar In April this year the Costa Rican Government declared a national emergency because of a ransomware attack that brought the Ministry of Finance to the edge, and bludgeoned private as well as public import/export services. The previous January, officials in the largest county in New Mexico had also woken up to a paralysing ransomware attack which took several county departments and government offices offline.

The Hushed Private Phone Line lifetime subscription gives you a second phone line for calls and texts where you don't want to share your personal number. Hushed earned 4.6 stars out of five on the Apple App Store by being both easy to use and effective at protecting privacy.

The scientists tested the exploit by modifying an off-the-shelf drone to create a flying scanning device, the Wi-Peep. The robotic aircraft sends several messages to each device as it flies around, establishing the positions of devices in each room.

The U.S. Department of Justice on Monday said it seized 50,676 Bitcoin in November 2021 that was stolen in the 2012 hack of the now-defunct Silk Road dark web marketplace.The bitcoin, which was obtained in 2012 and valued at $3.36 billion when it was discovered last year, is now worth $1.04 billion.