Transcript
A (0:04)
The EU imposes cyber sanctions An Iranian cyber chief was killed by US Israeli strikes, the UK fixes a major bug in its company registry and a US man fishes celebrity athletes while on home detention for fishing. This is the Risky bulletin prepared by Catalyn Kim Panu and read by me, Claire aird. Today is the 18th of March and this podcast episode is brought to you by Sublime Security. In today's top story, the EU has imposed sanctions on three hacking groups that targeted its members in cyber attacks. Sanctions were imposed on Iranian cyber company MNA Pasegad, which hacked the 2024 Paris Olympic Games, a Swedish SMS service and French satirical magazine Charlie Hebdo. Chinese company the Integrity Technology Group was sanctioned for running the Raptor Train botnet and soon Information Technology, also known as Isoon, was sanctioned for Espionage SA sanctions were also imposed on two of ISOON's founders. In other news, US and Israeli missile strikes have killed a high ranking Iranian cyber official. Sources told Forbes that Syed Yahya Hosseini Panjaki was killed in late February. He was a deputy minister of intelligence for Israeli affairs at Iran's intelligence agency, the mois. He was also the leader of a cyber unit that controls several Iranian hacking groups in including Handala. Last week Handala launched a destructive attack against US medical equipment firm Stryker. A new Canadian bill would adjust law enforcement's powers to track suspects online. The C22 bill is Canada's second attempt at updating its lawful access rules. It would allow law enforcement to access information that identifies suspects and their locations. It would not grant police access to browsing history, messages, emails or social media. The UK government has shut down its company registry to fix a major vulnerability. The bug could have allowed anyone with a company's house account to view and edit other organisations data. Exploiting the bug required pressing the back button four times while in the section titled File for another company that would grant the attacker editing permissions for that other company. Suspected hacktivists have manipulated Denver crosswalks to play anti Trump audio. The pedestrian crossings were modified to play the the WAC signal is on Trump and other similar sentiments. The hacked devices were disconnected over the weekend. Hackers have stolen data from the Dutch city of Ajpar. The incident took place last week. More than 800 gigabytes of data was stolen as well as 600,000 documents. The breach began when an employee fell for a click fix attack and installed malware. Spain's data privacy regulator has fined an age verification provider €950,000. Yoti prompts users to take a selfie and upload a copy of their id. The company then confirms their age with third parties without sharing personal data. Spain's privacy watchdog says Yoti used the collected data for research and development without consent. An appeals court in Luxembourg has overturned a 746 million euros privacy fine against Amazon. The retail giant was fined in 2021 for breaking the EU's GDPR privacy regulations. Amazon argued on a TEC technicality that the privacy watchdog failed to consider if it broke GDPR intentionally. A US man has been charged for targeting NBA and NFL athletes in a fishing campaign. Kwame Jarrell Ford posed as adult film stars and Apple customer support staff to trick victims into handing over passwords. He used those passwords to access accounts, steal credit card details and pay for personal items. Ford conducted the campaign while serving a home detention sentence for a separate phishing related charge. Nigerian authorities have arrested a man accused of stealing $2.5 million from a Romanian businesswoman. The individual posed as Dubai's Crown Prince to trick the victim into sending money to a non existent humanitarian project. The individual was arrested last month after being identified by a group of journalists. Court documents identify the suspect as 31 year old Nigerian citizen Nzubi Henry Ikeji. Threat actors are abusing an Android routing framework for banking related fraud Attackers are deploying the LS posed toolkit to hijack payment apps. They're using it to make fraudulent logins and transactions appear to come from the real owners devices. The technique allows attackers to bypass controls that tie smartphone IDs and SIM cards to payment app accounts. More than 890 million credentials were stolen from people's browsers last year and offered for sale. Almost a third of those included cookies which could allow targets to bypass multi factor authentication. According to recorded Futures Threat Landscape report, most of the stolen credentials came from Llama Steeler infections. This is despite law enforcement seizing the malware's infrastructure last May. A new IoT botnet has infected more than 30,000 Android TV set top boxes. The Katana botnet exploits Android debug ports left exposed on the devices. It uses a custom rootkit to persist and uninstalls itself if its command and control service have been down for more than three days. According to Nokia's security team. Katana has already conducted DDoS attacks as large as 150 gigabits per second. And finally, 11 tech companies have pledged to share intel about scammers who abuse their services. Signatories include Meta, Microsoft, Google, Amazon and OpenAI. The companies will also create information sharing groups with law enforcement to accelerate legal takedowns. The agreement was signed ahead of this week's UN Global Fraud Summit in Austria. And that is all for this podcast edition. Today's show was brought to you by our sponsor, Sublime Security. Find them at Sublime. Sublime Security. Thanks to your company.