Security News

A Mandiant shareholder has launched a legal challenge to block Google's $5.4 billion takeover of the threat intelligence firm. According to a lawsuit filed in a New York federal district court by shareholder Shiva Stein, Mandiant made "Materially incomplete and misleading" statements to investors in financial documents filed with the US Securities and Exchange Commission about the planned acquisition.

Network equipment maker Ubiquiti on Tuesday filed a lawsuit against infosec journalist Brian Krebs, alleging he defamed the company by falsely accusing the firm of covering up a cyber-attack. On March 30, 2021, Krebs reported that Ubiquiti had disclosed a January breach involving a third-party cloud provider, later revealed to be AWS, and that an unnamed source within the firm had claimed the company was downplaying a catastrophic compromise.

Today, the US Federal Trade Commission sued Intuit, the maker of tax preparation software TurboTax, over deceptive advertising campaigns pitching free tax filing products that millions couldn't use. As the consumer protection watchdog explained, Intuit allegedly pushed supposedly "Free" products in a years-long ad campaign, misleading Americans that they could use TurboTax to file their taxes for free.

Meta has filed a joint lawsuit with Chime, a financial technology and digital banking company, against two Nigerian individuals who allegedly used Instagram and Facebook accounts to impersonate Chime and target its users in phishing attacks. The two defendants, Arafat Eniola Arowokoko and Arowokoko Afeez Opeyemi, presumably used a network of at least five Facebook accounts and over 800 Instagram accounts to impersonate the fintech company, attempting to take over customers' accounts.

Facebook's parent company Meta Platforms on Monday said it has filed a federal lawsuit in the U.S. state of California against bad actors who operated more than 39,000 phishing websites that impersonated its digital properties to mislead unsuspecting users into divulging their login credentials. The attacks were carried out using a relay service, Ngrok, that redirected internet traffic to the phishing websites in a manner that concealed the true location of the fraudulent infrastructure.

Meta has filed a federal lawsuit in California court to disrupt phishing attacks targeting Facebook, Messenger, Instagram, and WhatsApp users. The attackers behind these phishing campaigns used almost 40,000 phishing pages that would impersonate the four platforms' login pages.

Google took steps to shut down the Glupteba botnet, at least for now. So Google is also suing the botnet's operators.

Google on Tuesday said it took steps to disrupt the operations of a sophisticated "Multi-component" botnet called Glupteba that approximately infected more than one million Windows computers across the globe and stored its command-and-control server addresses on Bitcoin's blockchain as a resilience mechanism. As part of the efforts, Google's Threat Analysis Group said it partnered with the CyberCrime Investigation Group over the past year to terminate around 63 million Google Docs that were observed to have distributed the malware, alongside 1,183 Google Accounts, 908 Cloud Projects, and 870 Google Ads accounts that were associated with its distribution.

Google announced today that it has taken action to disrupt the Glupteba botnet that now controls more than 1 million Windows PCs around the world, growing by thousands of new infected devices each day. Glupteba is a blockchain-enabled and modular malware that has been targeting Windows devices worldwide since at least 2011, including the US, India, Brazil, and countries from Southeast Asia.

To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices. NSO Group's Pegasus spyware is favored by totalitarian governments around the world, who use it to hack Apple phones and computers.