Security News

Rogue ex-Motorola techie admits cyberattack on former employer, passport fraud
2023-11-30 01:15

Rew Mahn, 28, of Derry, New Hampshire, pleaded guilty in federal court on Tuesday to both passport fraud and wire fraud, the latter relating to that cyber-intrusion. Mahn was indicted [PDF] by a grand jury for passport fraud in February, after being charged in 2021 with breaking into Motorola's computer network and stealing data.

Fraud researchers impersonated on X to push crypto-stealing sites
2023-11-15 15:02

The scammers impersonate accounts on X belonging to blockchain analytics or crypto fraud investigation firms and researchers, like CertiK, ZachXBT, and Scam Sniffer, to promote fabricated security breaches on Uniswap and Opensea. To impersonate the legitimate accounts, the threat actors created new X accounts with similar account names.

SEC Charges SolarWinds and CISO With Fraud Related to 2020 Cyberattack
2023-11-02 18:43

The Securities and Exchange Commission brought charges against both Austin, TX-based information security software company SolarWinds and its CISO Timothy G. Brown on October 30. The SEC alleges that between SolarWinds' October 2018 initial public offering and the December 2020 announcement of the large-scale cyberattack, SolarWinds and Brown specifically " defrauded investors by overstating SolarWinds' cybersecurity practices and understating or failing to disclose known risks.

SolarWinds and CISO accused of fraud, control failures
2023-10-31 08:15

The Securities and Exchange Commission announced charges against SolarWinds and its CISO, Timothy G. Brown, for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities. The complaint alleges that, from at least its October 2018 initial public offering through at least its December 2020 announcement that it was the target of a massive, nearly two-year long cyberattack, dubbed SUNBURST, SolarWinds and Brown defrauded investors by overstating SolarWinds' cybersecurity practices and understating or failing to disclose known risks.

AI strengthens banking’s defense against fraud
2023-10-27 03:30

63% of respondents indicated that they are comfortable with AI helping their bank detect fraud. Almost half of respondents abandoned a new bank account application after starting because it didn't feel secure or was too cumbersome.

PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS
2023-10-09 16:07

An ad fraud botnet dubbed PEACHPIT leveraged an army of hundreds of thousands of Android and iOS devices to generate illicit profits for the threat actors behind the scheme. The botnet is part of...

Chinese smart TV boxes infected with malware in PEACHPIT ad fraud campaign
2023-10-09 01:27

Infosec in brief Bot defense software vendor Human Security last week detailed an attack that "Sold off-brand mobile and Connected TV devices on popular online retailers and resale sites preloaded with a known malware called Triada." Human named the campaign to infect and distribute the Android devices BADBOX. The infected devices were sold for under $50. Human's researchers found over 200 models with pre-installed malware, and when it went shopping for seven particular devices found that 80 percent of units were infected with BADBOX. Analysis of infected devices yielded intel on an ad fraud module Human's researchers named PEACHPIT. At its peak, PEACHPIT ran on a botnet spanning 121,000 devices a day on Android.

Backdoored Android phones, TVs used for ad fraud – and worse!
2023-10-04 16:42

A key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices has been disrupted, Human Security has announced. Badbox-infected devices are able to steal personally identifiable information, establish residential proxy exit peers, steal one-time passwords, create fake messaging and email accounts, and other unique fraud schemes.

Online fraud can cost you more than money
2023-10-02 03:00

Online fraud is a pervasive and constantly evolving threat that affects individuals and organizations worldwide. In this Help Net Security round-up, cybersecurity experts talk about online fraud and damaging effects it has on individuals and organizations.

Fraud prevention forces scammers to up their game
2023-09-26 03:30

The risk of falling victim to fraud is a constant concern for individuals, businesses, and organizations alike. As technology evolves, so too do the methods employed by fraudsters, making fraud prevention an increasingly critical and complex endeavor.