Security News

Microsoft has taken down US-based infrastructure and websites used by a cybercrime group to sell fraudulent online accounts to other crooks including Scattered Spider, the infamous social-engineering and extortion crew that hacked two Las Vegas casinos over the summer. The gang, Storm-1152, is the "Number one seller and creator of fraudulent Microsoft accounts" and has listed for sale 750 million of these, according to Amy Hogan-Burney, Microsoft's associate general counsel for cybersecurity policy and protection.

Since yesterday, users of Ubiquiti networking devices, ranging from routers to security cameras, have reported seeing other people's devices and notifications through the company's UniFi cloud services. Ubiquiti is a popular networking device manufacturer offering a cloud-based UniFi platform where admins can manage all their devices from a single cloud portal.

The U.S. Department of Justice charged four suspects for their alleged involvement in a pig butchering fraud scheme that resulted in more than $80 million in victim losses. Criminals behind pig butchering scams approach victims via various messaging apps, dating platforms, or social media platforms, build trust, and introduce them to investment schemes that eventually allow them to drain the targets' cryptocurrency wallets.

This year has seen the emergence of ten new Android banking malware families, which collectively target 985 bank and fintech/trading apps from financial institutes across 61 countries. Banking trojans are malware that targets people's online bank accounts and money by stealing credentials and session cookies, bypassing 2FA protections, and sometimes even performing transactions automatically.

Discord has made security key multi-factor authentication available for all accounts on the platform, bringing significant security and anti-phishing benefits to its 500+ million registered users. Discord has now brought the WebAuthn feature to all Discord users, allowing users to replace the legacy MFA system that relies on time-based one-time passwords, 8-digit one-time backup codes, and SMS messages carrying a 6-digit verification code.

The research lab says in breach notification letters filed with the Maine Attorney General's Office this week that the attackers exfiltrated the data of 45,047 current and former employees, as well as their dependents and spouses. "The event did not impact INL's own network, or other networks or databases used by employees, lab customers or other contractors. The breach only impacted the cloud-based Oracle HCM test environment that resides off-site."INL said.

About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

Ledger is warnings users not to use web3 dApps after a supply chain attack on the 'Ledger dApp Connect Kit' library was found pushing a JavaScript wallet drainer that stole $600,000 in crypto and NFTs. Ledger is a hardware wallet that lets users buy, manage, and securely store their digital assets offline, supporting multiple cryptocurrencies, including Bitcoin and Ethereum. The company offers a library called the "Ledger dApps Connect Kit" that allows web3 apps to connect to Ledger hardware wallets.

Help Net Security sponsored and attended Cybersecurity Marketing Society’s CyberMarketingCon 2023 in Austin, TX. Over the three days of the conference, there were 35 speakers, keynotes, and 15...

Cybersecurity researchers have identified a set of 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom...