05-Sep-24: In Security News Today

U.S. Seizes 32 Pro-Russian Propaganda Domains In Major Disinformation Crackdown

The U.S. Department of Justice (DoJ) seized 32 pro-Russian propaganda domains used by the Kremlin-backed Doppelganger campaign to covertly spread disinformation, bolster pro-Russian policies, and influence elections. Companies linked to the Russian government used cybersquatting and AI-generated content to amplify false narratives, while Russian nationals were indicted for funneling $9.7 million to promote divisive videos targeting U.S. audiences. These actions are part of a broader effort to combat Russian influence campaigns ahead of the U.S. 2024 elections and clamp down on state-sponsored disinformation.

762,000 Car Owners Have Vehicles, Home Addresses Exposed Online

A major data leak involving personal and vehicle details of 762,000 China-based car owners was discovered by Cybernews, exposing sensitive information such as full names, ID numbers, addresses, and VINs for at least 48 hours. The leak, hosted on a US-based IP with no clear owner, poses significant risks including identity theft, financial fraud, and potential physical security threats like vehicle theft. This incident underscores the importance of stringent data protection measures and highlights the increasing exploitation of vehicle information in cyberattacks.

Two Nigerians Sentenced To Prison In US For BEC Fraud

Two Nigerian nationals, Franklin Ifeanyichukwu Okwonna and Ebuka Raphael Umeti, were sentenced to prison in the U.S. for orchestrating a business email compromise (BEC) scheme between 2016 and 2021 that defrauded victim organizations of over $5 million. The scheme used phishing emails to deploy malware that gave the attackers remote access to victims' systems, which they then used to initiate fraudulent wire transfers. Umeti received a 10-year sentence and Okwonna was sentenced to over five years, and both were ordered to pay restitution totaling $5 million.

DrayTek Vulnerabilities Added To CISA KEV Catalog Exploited In Global Campaign

Two path traversal vulnerabilities in DrayTek VigorConnect, disclosed in 2021 (CVE-2021-20123 and CVE-2021-20124), have been added to CISA's Known Exploited Vulnerabilities (KEV) catalog after being leveraged by multiple threat groups. The flaws allow an unauthenticated attacker to download arbitrary files from the underlying operating system with root privileges, and exploitation has targeted organizations across industries including finance, telecom, and technology. Although patches were released in 2021, a global spike in exploitation attempts in August 2024 underscores the persistent risk from unpatched, internet-exposed management software.
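For defenders who want to check their own web-server logs for this class of attack, the following is an added example written for this digest; it is not DrayTek's code and not taken from the linked report. It decodes percent-encoding repeatedly (so double-encoded `%252e%252e%252f` is caught), folds backslashes and `..;` tricks, and flags any request whose path or query contains a `..` segment. The endpoint path `/example/download` and the access-log lines are constructed for illustration and do not correspond to the real product.

```python
"""Hunt for directory-traversal download attempts in web-server access logs.

Added example for this digest, not DrayTek's code. The endpoint path
/example/download is a placeholder and the log lines below are constructed.
"""
import re
from urllib.parse import unquote

# Combined Log Format: ip ident user [time] "METHOD path HTTP/x" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample log; three of the five requests are traversal attempts.
SAMPLE_LOG = """\
203.0.113.5 - - [05/Sep/2024:10:01:02 +0000] "GET /example/download?file=../../../../etc/passwd HTTP/1.1" 200 1289
203.0.113.5 - - [05/Sep/2024:10:01:03 +0000] "GET /example/download?file=..%2F..%2F..%2Fetc%2Fshadow HTTP/1.1" 200 940
198.51.100.7 - - [05/Sep/2024:10:02:15 +0000] "GET /example/download?file=%252e%252e%252fetc%252fhosts HTTP/1.1" 200 215
192.0.2.9 - - [05/Sep/2024:10:03:00 +0000] "GET /example/download?file=report.pdf HTTP/1.1" 200 50213
192.0.2.9 - - [05/Sep/2024:10:03:30 +0000] "GET /example/static/app.js HTTP/1.1" 200 3021
""".splitlines()


def normalise_path(raw: str) -> str:
    """Percent-decode until stable (bounded, so nested encodings are caught
    without looping), fold backslashes to slashes, and drop anything after
    a NUL byte, which some servers use to terminate the filename early."""
    decoded = raw
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    decoded = decoded.replace("\\", "/")
    return decoded.split("\x00", 1)[0]


def is_traversal(raw_path: str) -> bool:
    """True when any segment of the decoded path or query string is '..'.

    Splitting on ';' as well as '/' catches the '..;/' form that some
    servlet containers collapse into a parent-directory reference."""
    path = normalise_path(raw_path)
    return any(part == ".." for part in re.split(r"[/?&=;]", path))


def scan_access_log(lines):
    """Return (ip, method, decoded path, status) for each traversal attempt.

    The status code matters for triage: a 200 on a traversal request means
    the server likely served the file, not just logged the attempt."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_traversal(m["path"]):
            hits.append((m["ip"], m["method"], normalise_path(m["path"]), int(m["status"])))
    return hits


if __name__ == "__main__":
    for ip, method, path, status in scan_access_log(SAMPLE_LOG):
        print(f"{ip} {method} {path} -> {status}")
```

A hit with a 200 status and a non-trivial response size is the one to escalate: it indicates the download succeeded, so the host should be treated as compromised rather than merely probed, and the exposed management interface should be patched or taken off the internet.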

Bitcoin ATM Scams On The Rise: Americans Lose $65 Million In Six Months

Scammers are increasingly exploiting bitcoin ATMs (BTMs) to defraud victims, with losses reaching $65 million in the first half of 2024—an amount that is double the total losses for 2021. The Federal Trade Commission (FTC) reports that these scams often involve fraudulent claims of suspicious activity, prompting victims to transfer cash to BTMs under the guise of protecting their funds. Consumers, particularly those over 60, are advised to be cautious of urgent requests to use BTMs, buy gift cards, or move money in response to unexpected communications, and should independently verify any claims by contacting organizations directly.

Planned Parenthood Confirms Breach, Ransomhub Gang Claims Responsibility

Planned Parenthood of Montana has confirmed a breach following an attack claimed by the RansomHub ransomware gang, which has stolen approximately 100 gigabytes of sensitive data. The ransomware group has posted samples of stolen files, including financial records and payroll information, and has threatened to leak the data if a ransom is not paid within seven days. RansomHub, a rapidly rising ransomware actor known for its double extortion tactics, has been targeting various sectors in the US since February 2024.

India’s Critical Infrastructure Suffers Spike In Cyberattacks

India’s critical infrastructure, particularly in finance and government, is experiencing a dramatic increase in cyberattacks, with the Reserve Bank of India highlighting the risks that accompany rapid digitalization. CERT-In, the national CERT, reported a significant rise in cyber incidents, with attacks on financial institutions jumping from 53,000 in 2017 to 16 million in 2023. The country’s cybersecurity landscape is further challenged by emerging threats from AI, cloud vulnerabilities, and sophisticated attacks from global adversaries.

Veeam Warns Of Critical RCE Flaw In Backup & Replication Software

Veeam has issued urgent security updates addressing 18 high- and critical-severity vulnerabilities in its Backup & Replication, Service Provider Console, and ONE products, including a critical remote code execution (RCE) flaw (CVE-2024-40711) with a CVSS score of 9.8. This vulnerability allows unauthenticated remote code execution, posing significant risk to data integrity and availability, especially since ransomware groups routinely target backup infrastructure to prevent recovery. Additional high-severity issues include further RCE and data extraction flaws, an MFA bypass, and TLS certificate validation weaknesses, all of which require prompt patching to prevent exploitation.

Chinese-Speaking Hacker Group Targets Human Rights Studies In Middle East

The Chinese-speaking threat group Tropic Trooper has been targeting government entities in the Middle East and Malaysia, including one involved in human rights studies, with sophisticated intrusions using the China Chopper web shell and Crowdoor malware since June 2023. The attacks exploit vulnerabilities in public-facing web applications such as Adobe ColdFusion and Microsoft Exchange Server to gain remote access, move laterally within networks, and evade defenses. After Kaspersky detected the activity, Tropic Trooper adjusted its tooling to evade defenses, so similar organizations remain at risk of compromise.

Russian GRU Unit Tied To Assassinations Linked To Global Cyber Sabotage And Espionage

Russian GRU’s 161st Specialist Training Center (Unit 29155), previously associated with foreign assassinations and destabilization efforts, has been implicated in global cyberespionage and sabotage operations, including the WhisperGate malware attacks in Ukraine. The unit has expanded its activities to target NATO countries, critical infrastructure, and other international entities, focusing on data exfiltration, website defacements, and scanning of target infrastructure. The US government, in collaboration with international agencies, has issued advisories and indictments, urging organizations to strengthen cybersecurity defenses and mitigate risks from this threat actor.

Ukrainian Soldiers Targeted With Data-Stealing Malware To Harvest GPS Coordinates

Ukrainian soldiers were targeted by hackers who deployed data-stealing malware through fake versions of military apps Griselda and “Eyes,” delivered via Signal messenger links. The malware, including Hydra, aimed to steal authentication data and GPS coordinates, potentially exposing the location of military personnel. Ukraine’s CERT-UA and MILCERT responded swiftly to contain the threat, preventing sensitive data leaks that could have endangered the soldiers’ lives.

Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.
