Security News
A former IT security analyst at Oxford Biomedica has admitted, five years after the fact, to turning to the dark side - by hijacking a cyber attack against his own company in an attempt to divert any ransom payments to himself. Ashley Liles, of Letchworth Garden City, Hertfordshire, pleaded guilty at Reading Crown Court to blackmail and unauthorized access to a computer with intent to commit other offences on May 17 following an investigation by the South East Regional Organised Crime Unit.
The FBI and Ukrainian police have seized nine cryptocurrency exchange websites that facilitated money laundering for scammers and cybercriminals, including ransomware actors. The seized sites allowed users to anonymously convert cryptocurrency into harder-to-trace coins to obscure the money trail and help cybercriminals launder their proceeds without being traced by law enforcement.
The increase in reported ransomware victims across Q1 2023 reflects the continued prevalence of ransomware as a worldwide, industry-agnostic threat, according to GuidePoint Security. The report is based on data obtained from publicly available resources, including threat groups themselves, and insight into the ransomware threat landscape.
Two execs and a multinational payment processing company must pay $650k to the US government, says the FTC, which accuses them of knowingly processing credit card payments for Microsoft-themed support scammers. The Justice Department and the Feds claim Nexway, along with a web of related companies based in France, Switzerland, Germany, and the US, violated the FTC Act and the Telemarketing Sales Rule by processing payments for India-based Tech Live Connect and "other foreign clients" that commit telemarketing fraud via tech support scams all over the world, although the agency and the department are regulating the United States side of things.
For context, digital skimming attacks occur when threat actors deploy malicious code onto a merchant website, where they target checkout pages to scrape and harvest consumer payment account data, such as primary account number, card verification value, expiration date and personally identifiable information. Cryptocurrency bridge services were a favored target for threat actors in 2022, and from January through early October 2022 the cryptocurrency ecosystem experienced 13 separate bridge attacks totaling $2B. What can payment processors and e-commerce merchants do to help protect themselves against enumeration attacks?
Interestingly, WooCommerce suggests that even if attackers had found and exploited this vulnerability, the only information about your logon passwords they'd have been able to steal would have been so-called salted password hashes, and so the company has written that "It's unlikely that your password was compromised". As a result, it's offering the curious advice that you can get away without changing your admin password as long as [a] you're using the standard WordPress password management system and not some alternative way of handling passwords that WooCommerce can't vouch for, and [b] you're not in the habit of using the same password on multiple services.
OpenAI says a Redis client open-source library bug was behind Monday's ChatGPT outage and data leak, where users saw other users' personal information and chat queries. OpenAI took ChatGPT offline to investigate an issue but did not provide details as to what caused the outage.
Patches have been released for a critical security flaw impacting the WooCommerce Payments plugin for WordPress, which is installed on over 500,000 websites. It impacts versions 4.8.0 through 5.6.1.
A new credit card stealing hacking campaign is doing things differently than we have seen in the past by hiding its malicious code inside the 'Authorize.net' payment gateway module for WooCommerce, allowing the breach to evade detection by security scans. To evade detection, the threat actors are now injecting malicious scripts directly into the site's payment gateway modules used to process credit card payments on checkout.
An international law enforcement operation has seized the cryptocurrency mixing service 'ChipMixer', which is said to be used by hackers, ransomware gangs, and scammers to launder their proceeds. ChipMixer has been one of the largest cryptocurrency mixing platforms operating on the dark web since 2017, allowing users to convert their money into untraceable "Chips," which are then cashed out on "clean" cryptocurrency addresses that can be converted to fiat money.