Security News
The U.S. Federal Trade Commission sued tax preparation giant H&R Block over the company's deceptive "Free" online filing advertising and for pressuring people into overpaying for its services. H&R Block employs 70,000 tax pros working in over 12,000 offices worldwide and has reported a revenue of $3.5 billion in 2023.
TL;DR: Your most sensitive data can be removed from the internet with just a few clicks with a 1-year subscription to Incogni Personal Information Removal, and it's available to new users for only $50 through 2/4 11:59 p.m. Pacific. Incogni can help you avoid the lengthy, tedious process of having your data erased from the internet, and a one-year subscription is available to new users for just $49.97 through February 4.
CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption. The online version has a file size limit of 10MB, so if you're looking to decrypt larger files or virtual machines, the GitHub version is the only way to go.
On January 12, 2024, Microsoft discovered that Russian hackers breached its systems in November 2023 and stole email from their leadership, cybersecurity, and legal teams.Microsoft now explains that the threat actors used residential proxies and "Password spraying" brute-force attacks to target a small number of accounts, with one of these accounts being a "Legacy, non-production test tenant account."
Global crime networks have set up shop in autonomous territories run by armed gangs across Southeast Asia, and are using them to host physical and online casinos that, in concert with crypto exchanges, have led to an explosion of money laundering, cyberfraud, and cybercrime across the region and beyond. The scenario above was outlined on Monday by the United Nations Office on Drugs and Crime in a new report [PDF] titled "Casinos, Money Laundering, Underground Banking, and Transnational Organized Crime in East and Southeast Asia: A Hidden and Accelerating Threat."
Comment In some ways, the ransomware landscape in 2023 remained unchanged from the way it looked in previous years. The industry needs governments to insert themselves into the crisis and take decisive action to stop ransomware from becoming even more out of hand than it already is.
Museum software solutions provider Gallery Systems has disclosed that its ongoing IT outages were caused by a ransomware attack last week. In a customer notification shared with BleepingComputer, Gallery Systems said it suffered a ransomware attack on December 28th, causing the company to take systems offline to prevent further devices from being encrypted.
The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data. Links to download the source code were shared on numerous channels, including Discord, a dark web website, and a Telegram channel that the hackers previously used to leak stolen Rockstar data.
Europol has notified over 400 websites that their online shops have been hacked with malicious scripts that steal debit and credit cards from customers making purchases. These attacks can go undetected for weeks or even several months, and depending on the popularity of the breached e-commerce platforms, cybercriminals can collect large numbers of payment card details.
IBM Security has dissected some JavaScript code that was injected into people's online banking pages to steal their login credentials, saying 50,000 user sessions with more than 40 banks worldwide were compromised by the malicious software in 2023. This injected code executes on the page in the browser, and intercepts the victim's credentials as they are entered, which can be passed to fraudsters to exploit to drain accounts.