Image: Shutterstock

Google Suspends Chinese App Following Malware Discovery

Jayant Chakravarti • March 21, 2023

Google suspended popular budget e-commerce application Pinduoduo from the Play Store after detecting malware on versions of the Chinese app downloadable from other online stores. Chinese security researchers say they found code designed to monitor users inside Pinduoduo versions.

►

Governance & Risk Management

Rapid7 Buys Ransomware Prevention Firm Minerva Labs for $38M

Latest

Cloud Security

NYC Special Needs Students' Records Found Exposed on Web

Marianne Kolbasuk McGee • March 21, 2023

Nearly 50,000 documents containing personal information of special education students who live in New York City and attend public school there were recently found exposed on the internet in an unsecured database. Some of those records date back to 2018.

Cybercrime

BreachForums Closes Amid Worries Over Law Enforcement Access

Prajeet Nair • March 21, 2023

Days after federal agents arrested the alleged administrator of criminal underground forum BreachForums, the new admin who took over announced that he is shutting down the site. User "Baphomet" said he spotted a suspicious server logon early Sunday afternoon.

Critical Infrastructure Security

Ransomware Will Target Transport Sector OT, Says ENISA

Akshaya Asokan • March 21, 2023

Europe's cybersecurity agency predicts hackers will take advantage of the growing overlap between information and operational technologies in the transport sector and disrupt OT processes in a targeted attack. Ransomware will become a tool wielded for political and financial motivations, says ENISA.

Blockchain & Cryptocurrency

Hacker Exploits Months-Old Bug to Steal Crypto From ATMs

Rashmi Ramesh • March 20, 2023

Bitcoin ATM manufacturer General Bytes suspended its cloud services supporting more than 15,000 machines after a hacker exploited a vulnerability in its software to steal user passwords and private keys and made off with cryptocurrency worth millions of dollars.

Cybercrime

How Russia's Ukraine War Disrupted the Cybercrime Ecosystem

Mathew J. Schwartz • March 20, 2023

Russia's invasion of Ukraine in 2022 threw Russia's cybercrime ecosystem into a state of upheaval that still exists to this day. "We identified disruptions to literally every single form of commodified cybercrime," said Alexander Leslie, associate threat intelligence analyst at Recorded Future.

Healthcare

Lawsuit Against Clinic Seeks Long List of Cyber Improvements

Marianne Kolbasuk McGee • March 20, 2023

An Alabama cardiovascular clinic is facing a proposed class action lawsuit filed by one of the nearly 442,000 individuals affected by a data exfiltration breach reported last month. The lawsuit seeks a detailed list of security improvements by the clinic and 10 years of court compliance monitoring.

Incident & Breach Response

Finding the Right Strategy for Building Cybersecurity Skills

Suparna Goswami • March 20, 2023

ISMG presented the 2023 Dynamic CISO Award to Vaibhav Tole, director of global cybersecurity at Cyient, who developed skills internally and created a team to handle incident response in-house. ISMG caught up with Tole at the conference to understand how he is doing more with less these days.

Account Takeover Fraud

Fresh Vishing Campaign Targeting South Korean Users

Prajeet Nair • March 20, 2023

Criminal hackers are targeting South Koreans with an Android Trojan that dupes victims into handing over payment card data by faking phone conversations with lenders. Developers are using "several unique evasions that we had not previously seen in the wild," Check Point researchers write.

3rd Party Risk Management

Hitachi Energy Latest Victim of Clop GoAnywhere Attacks

Prajeet Nair • March 18, 2023

Hitachi Energy joined the ranks of victims hit by the Clop ransomware group, which has exploited a zero-day vulnerability in Fortra's widely used managed file transfer software, GoAnywhere MFT. Clop claimed responsibility for the hack, which compromised networks used by 130 different organizations.

Breach Notification

FBI Says It Arrested BreachForums Mastermind 'Pompompurin'

Prajeet Nair • March 18, 2023

Federal agents arrested the alleged administrator of the criminal underground forum BreachForums, tracing him to a small town in New York's Hudson Valley. FBI agents say Conor Brian Fitzpatrick, a resident of Peekskill, confessed to being "Pompompurin."

Governance & Risk Management

European Digital Identity Bill Heads to Final Negotiations

Akshaya Asokan • March 17, 2023

The European Parliament on Thursday approved legislation creating a continentwide framework for digital identity that European leaders hope will diminish the role of big tech companies such as Google and Apple. Members of the European Parliament have pushed for additional privacy measures.

Network Firewalls, Network Access Control

Chinese Hackers Targeting Security and Network Appliances

Prajeet Nair • March 17, 2023

Chinese threat actors are turning security appliances into penetration pathways, forcing firewall maker Fortinet to again attempt to fend off hackers with a patch. Mandiant researchers say suspected Beijing hackers it tracks as UNC3886 has been targeting chip-based firewall and virtualization boxes.