Europol and Eurojust announced today the arrest of five individuals believed to be part of a massive online investment fraud ring with at least 33,000 victims who lost an estimated €89 million (roughly $98 million).
The Russian cyberespionage campaign is targeting European government agencies and diplomats to steal Western government intelligence on the war in Ukraine, says the Polish CERT and Military Counterintelligence Service.
The FCC warns against using free charging stations at airports, hotels, and shopping centers. It is also advisable to use an electrical outlet instead of USB charging ports to stay safe. Meanwhile, the FBI raises the alarm about adversaries impersonating Chinese officials to target Chinese users in the U.S.
“The business-like set up of the group, where affiliates are required to remain active or notify the gang of their leave, shows the organizational maturity of the group, as has also been observed in other groups, such as Conti,” Trellix reported.
Besides using Telegram as a data exfiltration point, Legion is designed to exploit web servers running content management systems (CMS), PHP, or PHP-based frameworks like Laravel.
The volume of compromised credit cards offered for sale on cybercrime markets has dropped sharply over the past few years, although UK figures rose, according to Cybersixgill.
When a victim installs a malicious file from one of these sponsored ads, their device is hijacked by the RedLine infostealer, which can then steal confidential data, disrupt critical infrastructure, and compromise financial accounts.
Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user’s mobile device doesn’t impact their account.
The vulnerability, tracked as CVE-2023-28808, has been described by the vendor as an access control issue that can be exploited to obtain administrator permissions by sending specially crafted messages to the targeted device.
“In coordination with internal and external experts, we immediately initiated all necessary protective measures and informed the responsible authorities,” a spokesperson reportedly said in a brief statement.