FBI and international cops catch a NetWire RAT
2023-03-10 01:33

International law enforcement agencies have claimed another victory over cyber criminals, after seizing the website and taking down the infrastructure operated by crims linked to the NetWire remote access trojan. On the same day, a US judge approved a seizure warrant that allowed federal authorities in Los Angeles to seize the internet domain, and Swiss law enforcement seized the server hosting the NetWire RAT infrastructure.

Police seize Netwire RAT malware infrastructure, arrest admin
2023-03-09 23:24

An international law enforcement operation involving the FBI and police agencies worldwide led to the arrest of the suspected administrator of the NetWire remote access trojan and the seizure of the service's web domain and hosting server. Since at least 2014, NetWire has been a tool of choice in various malicious activities, including phishing attacks, BEC campaigns, and breaches of corporate networks.

AT&T blames marketing bods for exposing 9M accounts
2023-03-09 22:30

AT&T has confirmed that miscreants had access to nine million of its wireless customers' account details after one of its vendor's networks suffered a security failure in January. Customer Proprietary Network Information from some wireless accounts was exposed, such as the number of lines on an account or wireless rate plan.

US House reps, staff health data swiped in cyber-heist
2023-03-09 21:27

Health data and other personal information of members of Congress and staff were stolen during a breach of servers run by DC Health Care Link and are now up for sale on the dark web. Szpindor called the incident "a significant data breach" that exposed the personally identifiable information of thousands of DC Health Link employees and warned the Representatives that their data may have been compromised.

S3 Ep125: When security hardware has security holes [Audio + Text]
2023-03-09 20:58

Ransomware bust, ransomware warning, and anti-ransomware advice. DOUG. Ransomware, more ransomware, and TPM vulnerabilities.

Akamai mitigates record-breaking 900Gbps DDoS attack in Asia
2023-03-09 19:54

Akamai reports having mitigated the largest DDoS attack ever launched against a customer based in the Asia-Pacific region. DDoS is an attack that involves sending a large volume of garbage requests to a targeted server, depleting its capacity, and thus rendering the websites, applications, or other online services it hosts unreachable by legitimate users.

FBI warns of cryptocurrency theft via “play-to-earn” games
2023-03-09 19:24

Cybercriminals are now using fake rewards in so-called "Play-to-earn" mobile and online games to steal millions worth of cryptocurrency, according to an FBI warning on Thursday. "Criminals contact victims online and build a relationship with victims over time," the FBI says in a public service announcement issued via the Internet Crime Complaint Center.

Microsoft: Business email compromise attacks can take just hours
2023-03-09 19:13

Microsoft's Security Intelligence team recently investigated a business email compromise attack and found that attackers move rapidly, with some steps taking mere minutes. BEC attacks are a type of cyberattack where the attacker gains access to an email account of the target organization through phishing, social engineering, or buying account credentials on the dark web.

Refreshed from its holiday, Emotet has gone phishing
2023-03-09 18:27

Researchers with cybersecurity firms Cofense and Cryptolaemus, which track Emotet activity, both reported a sudden startup in the spamming from the botnet. Emotet started life almost a decade ago as a banking trojan, but it soon evolved into a malware delivered through spear-phishing campaigns, including emails that contain malicious Microsoft Word and Excel attachments.

SonicWall devices infected by malware that survives firmware upgrades
2023-03-09 17:40

A suspected Chinese hacking campaign has been targeting unpatched SonicWall Secure Mobile Access appliances to install custom malware that establishes long-term persistence for cyber espionage campaigns. The deployed malware is customized for SonicWall devices and is used to steal user credentials, provide shell access to the attackers, and even persist through firmware upgrades.