Transcript
A (0:04)
The US indicts two cybersecurity employees over ransomware attacks, hackers extort customers of South Korean massage parlors, another crypto firm gets hacked for $128 million, and cargo thieves collab with hackers to target freight companies. This is the Risky Bulletin, prepared by Catalin Cimpanu and read by me, Claire Aird. Today is the 5th of November and this podcast episode is brought to you by Sublime Security, an email security platform that's not a black box. In today's top story, two former employees of US cybersecurity firms have been indicted for deploying ransomware. Charges have been laid against Kevin Tyler Martin, a former ransomware negotiator at DigitalMint, and Ryan Clifford Goldberg, a former incident response manager at Sygnia. The two, plus a third co-conspirator, are accused of hacking US companies to steal and encrypt data using the ALPHV ransomware. They made more than $1.2 million in ransom payments. In other news, a developer of the Jabber Zeus banking trojan has been caught 15 years after the group was active. Yuri Ihorovich Rybtsov was arrested in Italy and handed over to US authorities. The 41-year-old Ukrainian national was known online as MrICQ. Rybtsov is the second Jabber Zeus member to be arrested. The group's leader is currently serving two concurrent nine-year prison sentences in the US. South Korean authorities have arrested a group for hacking massage parlors and extorting their customers. The group tricked parlor owners into installing malicious apps on their phones, allowing them to collect customer data. The details were used to extort customers by threatening to release videos of their massage sessions. According to authorities, the group banked almost $1.2 million from 62 victims over three years. Indian authorities have arrested multiple individuals for hacking cameras and selling the recordings to online fetish communities. The group allegedly hacked security cameras at hospitals, schools, malls and private homes.
The hacks exploited cameras that used default or weak passwords. The footage was sold on Telegram for up to $45 per clip and was later uploaded to fetish pornography sites. Organised crime groups are working with hackers to infiltrate freight companies. The scheme involves hacking trucking firms, deploying remote access tools, and then bidding on freight haul contracts. The goal is to win the contract, intercept the shipment and resell the goods online. According to Proofpoint, the campaign has been taking place for over a year. Nine people have been arrested in the EU, accused of stealing more than 600 million euros through online scams. The suspects were detained in Cyprus, Spain and Germany. The group used social media ads, cold calling and fake celebrity testimonials to lure victims to fake investment portals. Two suspects have been arrested in Cambodia for driving SMS blasters around the city of Sihanoukville. They were arrested at a police roadblock on the weekend, according to Commsrisk. SMS blaster arrests were also made last week in Switzerland and the Philippines. The University of Pennsylvania has been hacked. The intruders are threatening to release more than 1.2 million records of financial donors. The group initially hacked an employee account before pivoting to internal systems. They also mass emailed students and staff about the hack last week. Hackers have stolen sensitive information from Polish online loan platform SuperGrosz. The stolen data includes personal and financial information that could be used for fraud. Government officials have urged impacted citizens to block their national ID numbers in the government app. Doing so adds additional verification steps when the number is used for official purposes, such as taking out loans. South Korea's largest telco has been advised to pay 300,000 won to each customer that laid a complaint following a recent security breach.
The decision was made by a mediation panel after 4,000 customers complained about the hack at SK Telecom earlier this year. More than 23 million customers had SIM data and personal information stolen in the breach. This week, the company told investors that the incident led to a 90% drop in operating profit for the third quarter. Hackers have stolen $128 million worth of crypto assets from the Balancer DeFi platform. The attackers took over Balancer's access control system and used it to steal funds. The money was laundered through Tornado Cash. Students in the CyberCorps scholarship program will be given additional time to find government jobs. The program provides free cybersecurity training as long as students get roles in the US Government after they graduate. Last week, several participants said recent layoffs and government hiring freezes meant they risked having to repay six-figure loans. Australia has expanded its upcoming social media age restrictions to include Reddit and video streaming service Kick. The companies must block Australian users under the age of 16 starting on December 10th. The restrictions will also apply to Facebook, Instagram, Snapchat, Threads, TikTok, X and YouTube. Microsoft has patched four vulnerabilities in its Teams messaging platform. The flaws could have allowed malicious users to impersonate others, alter messages or notifications, and use fake identities in calls. Security firm Check Point says the bugs could have been abused by cybercriminals to impersonate executives or tech support. The bugs were reported to Microsoft in March. They were patched last month. Chipmaker AMD has confirmed a weakness in the RDSEED entropy generator that impacts Zen 5 processors. The Linux kernel team disabled support for RDSEED on Zen 5 last month after reports that it was failing to produce random numbers correctly. AMD will release patches in November for all affected CPU models.
More than 400,000 WordPress sites are vulnerable to a security flaw in the Post SMTP plugin. The vulnerability allows remote unauthenticated attackers to read a site's email logs. Attackers can trigger the password reset process for admin accounts and extract password reset links. The bug has a severity rating of 9.8 out of 10. And finally, social media site X plans to show additional information about user profiles. Details including account creation date, country of origin and the number of name changes will soon be visible on all profiles. Head of Product Nikita Bier says the change is designed to reduce inauthentic engagements. A similar feature already exists on Facebook and Instagram. And that is all for this podcast edition. Today's show was brought to you by our sponsor, Sublime Security. Find them at sublime.security. Thanks for your company.
