Security News

Cybercriminals continue to capitalize on the hysteria and worry caused by COVID-19, both in the physical sphere and digital ecosystem, exploiting the significant global unmet demand for vaccines. Over the past year, my firm has continuously monitored the surface, deep, and dark web for malicious activity related to COVID-19, witnessing a trend in the manipulation of the digital ecosystem for commercial gain or other malicious ends related to the topic of vaccines.

In a huge sting operation, the U.S. Federal Bureau of Investigation and Australian Federal Police ran an "Encrypted chat" service called ANoM for almost 3 years to intercept 27 million messages between criminal gang members globally. "For almost three years, the AFP and the FBI have monitored criminals' encrypted communications over a Dedicated Encrypted Communications Platform," AFP said.

In the "Largest and most sophisticated law enforcement operations to date," a joint international law enforcement created a fake end-to-end encrypted chat platform designed solely to catch criminals. The FBI and the Australian Federal Police started cooperating three years ago in Operation Ironside, creating a fake encrypted messaging platform called Anom that was sold exclusively to criminals, allowing law enforcement to listen in on their messages and conversations.

Russian hacking group REvil is behind the ransomware attack on meat processing company JBS Foods, according to the FBI. The good news from the JBS Foods ransomware attack is that it seems to have followed one of the basic tenets of cybersecurity - make back-ups. The meat processing company JBS said on Wednesday that its operations had mostly recovered from a ransomware attack and had shut down operations in the United States and Australia earlier this week.

Prosecutions under the UK's Computer Misuse Act dropped by a fifth in 2020 even as conviction rates soared to 95 per cent during the year of the pandemic, new statistics have revealed. This week's conviction statistics also showed that the most common CMA crime taken to court was the offence of "Unauthorised access to computer material", accounting for 33 of the year's total of 45 prosecutions under the Act.

I'd gotten the crazy idea to write a tool that would encrypt Twitter's direct messages - sent in the clear - so that your private communications would truly be private, visible to no one, including Twitter. What if someone had used my software, thinking it gave them the assurance of privacy, only to learn - to their peril - that my understanding fell short of providing any security?

The cyberextortion attempt that has forced the shutdown of a vital U.S. pipeline was carried out by a criminal gang known as DarkSide that cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, two people close to the investigation said Sunday. Commerce Secretary Gina Raimondo said Sunday that ransomware attacks are "What businesses now have to worry about," and that she will work "Very vigorously" with the Department of Homeland Security to address the problem, calling it a top priority for the administration.

Four Eastern European nationals face 20 years in prison for Racketeer Influenced Corrupt Organization charges after pleading guilty to providing bulletproof hosting services between 2008 and 2015, which were used by cybercriminals to distribute malware to financial entities across the U.S. The individuals, Aleksandr Grichishkin, 34, and Andrei Skvortsov, 34, of Russia; Aleksandr Skorodumov, 33, of Lithuania; and Pavel Stassi, 30, of Estonia, have been accused of renting their wares to cybercriminal clients, who used the infrastructure to disseminate malware such as Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit that were capable of co-opting victim machines into a botnet, and stealing sensitive information. "A key service provided by the defendants was helping their clients to evade detection by law enforcement and continue their crimes uninterrupted; the defendants did so by monitoring sites used to blocklist technical infrastructure used for crime, moving 'flagged' content to new infrastructure, and registering all such infrastructure under false or stolen identities," the DoJ added.

Bad news for lockdown slimmers who've ignored advice about not needing to connect every friggin' appliance in their home to the internet: Talos researchers have sniffed out security flaws allowing attackers to hijack your air fryer. Specifically, Cisco's infosec arm said it had tested and confirmed that the Cosori Smart 5.8-Quart Air Fryer CS158-AF, version 1.1.0, could be exploited by a theoretical fried-chicken-hater.

Bad news for lockdown slimmers who've ignored advice about not needing to connect every friggin' appliance in their home to the internet: Talos researchers have sniffed out security flaws allowing attackers to hijack your air fryer. Specifically, Cisco's infosec arm said it had tested and confirmed that the Cosori Smart 5.8-Quart Air Fryer CS158-AF, version 1.1.0, could be exploited by a theoretical fried-chicken-hater.