Security daily (11-08-2021)

Four years after FBI shut it down, AlphaBay dark web marketplace claims it's back in business

It might be time to update the obituary of one of the web’s most notorious marketplaces for hacking tools and drugs. Four years after the FBI shut down AlphaBay, which registered a reported $1 billion in transactions, a scammer is touting the launch of a new version of the illicit marketplace, according to threat intelligence firm Flashpoint. In an online posting earlier this week, someone claiming to be one of the original moderators of AlphaBay said the marketplace was coming back into business, Flashpoint researchers noted. Among the offerings on the revamped AlphaBay, according to the posting, will be the source code of a hacking tool that steals banking credentials, and money, from victims. U.S. and European law enforcement agencies have in the last year conducted a series of crackdowns on popular dark-web forums. But the alleged resurrection of AlphaBay, dubbed the Amazon.com of the dark web, shows how difficult it can […] (CyberScoop)

European police round up 23 suspected scammers accused of $1.2 million fraud

An international police sting netted 23 arrests in three countries of suspects behind a business email compromise scheme that last year turned to capitalizing on COVID-19 fears, Europol announced on Wednesday. Together, the fraudsters are believed to have stolen at least $1.2 million from companies in 20 countries, mainly European and Asian nations, the European Union police agency said. The scheme relied on use of compromised email accounts for advance-payment fraud, Europol said. The suspects created fake emails and websites that resembled those of legitimate companies to trick victims into placing orders with them. They then laundered financial data through Romanian bank accounts to ultimately withdraw money from ATMs. “The fraud was run by an organised crime group which prior to the COVID-19 pandemic already illegally offered other fictitious products for sale online, such as wooden pellets,” Europol’s announcement said. “Last year the criminals changed their modus operandi and started […] (CyberScoop)

Hackers returned some of the $600 million they stole from Poly Network, a cryptocurrency firm

An unidentified hacker stole $600 million worth of virtual currencies from Poly Network, the cryptocurrency company announced Tuesday. Then in an unusual twist, less than 24 hours later, the hacker began to return some of the stolen money after a public plea from the company. As of publication time, the hacker had returned more than $4,772,000 worth of assets, according to the company. Chainalysis, a cryptocurrency-tracking firm, confirmed Wednesday that funds were on the move. The incident is the largest public attack against the decentralized finance industry to date. The identity of the thieves remains unclear. Poly Network offers a service that promises interoperability between different chains of cryptocurrency, which each have their own digital ledger and act independently of one another. A preliminary investigation by cybersecurity firm SlowMist found that the hacker exploited a vulnerability in a feature that allows for the implementation of exchanges across chains. This allowed […] (CyberScoop)

Hacker grabs $600m in cryptocash from blockchain company Poly Networks

Where have all the cryptocoins gone? Will we ever get them back? (Naked Security)

Chinese Espionage Group Targets Israel

(News ≈ Packet Storm)

SAP Patches Nine Critical And High Severity Bugs

(News ≈ Packet Storm)

Microsoft Fixes Windows 10 PrintNightmare Flaw With This Update

(News ≈ Packet Storm)

Hackers Take $600m In Biggest Cryptocurrency Theft

(News ≈ Packet Storm)

Best Practices for Web Form Security

Web form security — the set of tools and practices intended to protect web forms from attacks and abuse — is one of the most critical aspects of overall website security. Web forms allow users to interact with your site and enable a lot of useful functionality. However, once a user can interact with your site to do something useful, there is a new attack surface for a hacker to exploit. To help you get the usability benefits of web forms while limiting the security risks, we’ve created this list of best practices for web form security. (Sucuri Blog)

Microsoft Warns of Another Unpatched Windows Print Spooler RCE Vulnerability

A day after releasing Patch Tuesday updates, Microsoft acknowledged yet another remote code execution vulnerability in the Windows Print Spooler component, adding that it's working to remediate the issue in an upcoming security update. Tracked as CVE-2021-36958 (CVSS score: 7.3), the unpatched flaw is the latest to join a list of bugs collectively known as PrintNightmare that have plagued the (The Hacker News)

Bugs in Managed DNS Services Cloud Let Attackers Spy On DNS Traffic

Cybersecurity researchers have disclosed a new class of vulnerabilities impacting major DNS-as-a-Service (DNSaaS) providers that could allow attackers to exfiltrate sensitive information from corporate networks. "We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google," researchers Shir Tamari (The Hacker News)

MSPs and MSSPs Can Increase Profit Margins With Cynet 360 Platform

As cyber threats keep on increasing in volume and sophistication, more and more organizations acknowledge that outsourcing their security operations to a 3rd-party service provider is a practice that makes the most sense. To address this demand, managed security services providers (MSSPs) and managed service providers (MSPs) continuously search for the right products that would empower their (The Hacker News)

Hackers Steal Over $600 Million Worth of Cryptocurrencies from Poly Network

Hackers have siphoned $611 million worth of cryptocurrencies from a blockchain-based financial network in what's believed to be one of the largest heists targeting the digital asset industry, putting it ahead of breaches targeting exchanges Coincheck and Mt. Gox in recent years. Poly Network, a China-based cross-chain decentralized finance (DeFi) platform for swapping tokens across multiple (The Hacker News)

Accenture Confirms LockBit Ransomware Attack

LockBit offered Accenture's purported databases and made a requisite jab at its purportedly sad security. Accenture says it recovered just fine from backups. (Threatpost)

NSA Watchdog Will Review Tucker Carlson Spying Claims

Despite a lack of evidence, the National Security Agency will investigate whether the Fox host was illegally targeted. (Threatpost)

‘Friends’ Reunion Anchors Video Swindle

Spam was on the rise in Q2, with video fraud and COVID-19-related efforts in the mix. (Threatpost)

Kaseya’s ‘Master Key’ to REvil Attack Leaked Online

The decryptor is of little use to other companies hit in the spate of attacks unleashed before the notorious ransomware group went dark, researchers said. (Threatpost)
