Over 170 Android Cryptocurrency Apps are Scams

A recent report shows that Android has a cryptocurrency scam problem. These apps claim to help you mine Bitcoin “in the cloud.”

The apps work by offering a virtual dashboard that lets you monitor the cryptocurrency mining rate. The same dashboard shows you how much virtual coin has been generated. However, Lookout examined the computer code in the apps along with the network traffic, and found the coin balance displayed was actually fictitious.

Kaspersky’s Password Manager Created Weak Passwords

Kaspersky Password Manager was caught creating weak passwords that were easy to brute force attack.

We will first see an example of a good password generation method, to explain after why the method used by Kaspersky was flawed, and how we exploited it. As we will see, passwords generated by this tool can be bruteforced in seconds.

After a bit less than two years, this vulnerability has been patched on all versions of KPM. Vulnerability has been assigned CVE-2020-27020.

New Ransomware ‘Tsunami’ Destroying Supply Chains

The REvil hacking team is back with new malware. Brand new, still developing, but their ransomware called “Tsunami” is wreaking havoc.

The software in question, Kaseya VSA, is popular among so-called managed service providers, which provide IT infrastructure for companies that would rather outsource that sort of thing than run it themselves. Which means that if you successfully hack an MSP, you suddenly have access to its customers. It’s the difference between cracking safety deposit boxes one at a time and stealing the bank manager’s skeleton key.

Russian Spies Abuse VPNs to Target Organizations

On Thursday, U.S. and British authorities said that Russia’s military spy agency is using VPNs and Tor to attack governments and private sector targets.

The advisory did not identify any of the targets by name, saying only that they were mainly in the United States and Europe and included government offices, political parties, energy companies, law firms and media organizations.

The Russian Embassy in Washington did not immediately return a message seeking comment. Russian officials routinely reject allegations that they employ hackers to spy on rival nations.

Twitter Lets You Use a Security Key as Only 2FA Option

Twitter announced on Wednesday that it will let people use a security key as their only form of two-factor authentication.

Today, we’re adding the option to use security keys as your sole 2FA method — meaning you can enroll one or more security keys as the only form of 2FA on your Twitter account without a backup 2FA method. We know this is important to people because not everyone is able to have a backup 2FA method or wants to share their phone number with us.

Hackers Sell Personal LinkedIn Data From Leak Affecting 700M Users

Hackers are selling the personal information of over 700 million LinkedIn users. Here are the data types that were leaked:

Email Addresses; Full names; Phone numbers; Physical addresses; Geolocation records; LinkedIn username and profile URL; Personal and professional experience/background; Genders; Other social media accounts and usernames

On June 22nd, a user of a popular hacker forum advertised data from 700 Million LinkedIn users for sale. The user of the forum posted a sample of the data that includes 1 million LinkedIn users.

Web Hosting Service 'DreamHost' Leaked 814 Million Records of Customer Data

A database owned by Dreamhost was found unsecured and publicly accessible online. It contained 814 million entries of exposed usernames, display names, and emails for WordPress accounts.

The exposed log files contained what appears to be 3 years of records that range from 3/24/2018 to 4/16/2021 and each contained information about WordPress accounts hosted or installed on DreamHost’s server and their users. On May 4th a DreamHost representative acknowledged the discovery and informed us that the finding was being passed on to their legal team.

Update: DreamHost reached out to say that none of those records contain data that would have allowed access to DreamHost accounts. They consist entirely of entries that include object update records, error reports, and log entries. Data from just 21 individual websites were involved. More information can be found on its website.

New Malware Infects Software Pirates and Blocks The Pirate Bay

Andrew Brandt reports on a new malware campaign that isn’t like your typical malware. This one blocks people from accessing many popular pirating websites.

We weren’t able to discern a provenance for this malware, but its motivation seemed pretty clear: It prevents people from visiting software piracy websites (if only temporarily), and sends the name of the pirated software the user was hoping to use to a website, which also delivers a secondary payload.

Looks like this is aimed more towards Windows users. The malware takes the form of .EXE executables, and may display a message saying the victim is missing an important .DLL file.

The Story of BonziBuddy and its Company’s Demise

In the third episode of Kernel Panic, Mashable tells the story of one of the first virtual assistants known as BonziBuddy.

Behind the facade of that friendly gorilla, Bonzi Software, the company responsible for BonziBuddy, was collecting private information and contacts from the unsuspecting internet users who downloaded it — and bombarding them with ads and pop-ups that Bonzi would profit from.

Harry Potter and the Curse of Bonzi. If you ever downloaded this purple ape and noticed strange things start to happen, let us know in the comments. Maybe your browser was full of ads, or maybe he whispered into your ear at night, encouraging you to commit securities fraud.

Data Leak Exposes Customer Records With CVS Health

CVS Health recently leaked approximately one billion user records that include email addresses, user IDs, and metadata. The information was discovered in a non-password protected database.

CVS Health acted fast and professionally to secure the data and a member of their Information Security Team contacted me the following day and confirmed my findings and that the data was indeed theirs. I was informed that this was a contractor or vendor who managed this dataset on behalf of CVS Health, but it was confidential as to who the vendor was.

 

Why You Should Drill a Hole Into Your iPhone or iPad

Over the weekend, Nikita Mazurov for The Intercept reminds us that a good way to wipe our iDevices is to drill a hole through it.

If you can’t access your device, the most careful approach to wiping it is to destroy the flash memory chip that houses your data. This way you don’t have to lose sleep if you didn’t use a strong passcode, or worry about a forensics vendor being able to recover any of your personal information.

Gaming Company ‘EA’ Suffers Data Breach of Game Code

Electronic Arts is the latest company to have information stolen in a data breach. It includes the source code for FIFA 21, the Frostbite engine, and proprietary frameworks and SDKs.

We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen. No player data was accessed, and we have no reason to believe there is any risk to player privacy.

Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business. We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.

JBS USA Pays $11 Million in Ransom After Cyberattack

On Thursday, meat supplier JBS said it paid US$11 million after ransomware attack stopped its operations.

In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.

I wonder if the FBI will recover this ransom as well, like the Colonial Pipeline money.

WIN an iPhone 16 Pro Max!