12-10-202114-10-2021

Security daily (13-10-2021)

Romance scammers exploit Apple's developer program to spread fake cryptocurrency apps

Fraudsters are using the promise of love to lure victims into downloading fake cryptocurrency trading apps and then stealing their funds, researchers at Sophos report. The ongoing campaign, which researchers have dubbed “CryptoRom,” has targeted victims across Europe, the U.S. and Asia. In these scams, scammers use dating apps like Bumble, Tinder, and Grindr to build trust with a victim. They then move the conversation to a messaging app, where they ask victims to install a fake trading app. Fraudsters convince victims to invest in the app, ultimately stealing the funds. Thieves have managed to swipe nearly $1.4 million with the ruse, according to an analysis of a bitcoin wallet one of the scammers used. Some 23,000 victims of romance scams reported more than $605 million in losses to the FBI in 2020. The new findings underscore how fraudsters are turning to Apple’s developer programs in an attempt to evade […] The post Romance scammers exploit Apple's developer program to spread fake cryptocurrency apps appeared first on CyberScoop. (CyberScoop)

White House kicks off international ransomware meeting amid global barrage

A parade of nations recounted grim experiences with ransomware at the start of a two-day White House-led summit on Wednesday, where the gathered officials will collaborate on how to counter the rise of digital extortion. Israel was, at the moment, dealing with an ongoing ransomware attack at a major hospital, Hillel Yaffe Medical Center. Ireland and the Czech Republic have experienced similar attacks on their medical centers. South Korea has seen a 70% year-over-year increase in ransomware incidents, and the United Arab Emirates has seen a 200% rise. Each anecdote, each statistic fed into the White House message for the day that ransomware is a global issue that will require collective action. Scheduled sessions will cover resilience, illicit finance, disrupting criminals and diplomacy, each led by officials from a different country. “No one country, no one group can solve this problem,” said U.S. National Security Adviser Jake Sullivan. “Transnational criminals […] The post White House kicks off international ransomware meeting amid global barrage appeared first on CyberScoop. (CyberScoop)

White House set to lead 30 nations in ransomware discussions, sans Russia

The White House on Wednesday and Thursday will convene meetings with representatives from more than 30 countries to discuss how to counter ransomware, leaving out the country the president most frequently criticizes for hosting gangs of hackers: Russia. “Participants will cover everything from efforts to improve national resilience, to experiences addressing the misuse of virtual currency to launder ransom payments, our respective efforts to disrupt and prosecute ransomware criminals and diplomacy as a tool to counter ransomware,” a senior administration official told reporters on Tuesday. The official didn’t specify why Russia didn’t get an invitation beyond unnamed “constraints.” The lack of an invitation this time “doesn’t preclude future opportunities for them to participate.” The U.S. also has other avenues for discussing ransomware with the Kremlin, the official said. The lack of an invitation for Russia exemplifies the tensions over when the U.S. might involve more adversarial nations in discussions over […] The post White House set to lead 30 nations in ransomware discussions, sans Russia appeared first on CyberScoop. (CyberScoop)

Romance scams with a cryptocurrency twist – new research from SophosLabs

Romance scams and dating site treachery with a new twist - "there's an app for that!" (Naked Security)

Microsoft October Patch Tuesday Squashes 4 Zero Day Bugs

(News ≈ Packet Storm)

Apple Releases Urgent iOS Updates To Patch New Zero Day Bug

(News ≈ Packet Storm)

Woman Allegedly Hacked Flight School, Cleared Planes With Maintenance Issues To Fly

(News ≈ Packet Storm)

OpenSea Had Bugs Allowing Malicious NFT Uploads

(News ≈ Packet Storm)

Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets

A now-patched critical vulnerability in OpenSea, the world's largest non-fungible token (NFT) marketplace, could've been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation. The findings come from cybersecurity firm Check Point Research, which began an investigation into the platform following (The Hacker News)

[eBook] The Guide for Reducing SaaS Applications Risk for Lean IT Security Teams

The Software-as-a-service (SaaS) industry has gone from novelty to an integral part of today’s business world in just a few years. While the benefits to most organizations are clear – more efficiency, greater productivity, and accessibility – the risks that the SaaS model poses are starting to become visible. It’s not an overstatement to say that most companies today run on SaaS. This poses an (The Hacker News)

FreakOut Botnet Turns DVRs Into Monero Cryptominers

The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems. (Threatpost)

Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers

A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc. (Threatpost)

Mandating a Zero-Trust Approach for Software Supply Chains

Sounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains. (Threatpost)

OpenSea ‘Free Gift’ NFTs Drain Cryptowallet Balances

Cybercriminals exploited bugs in the world's largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users. (Threatpost)

30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware

The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza. (Threatpost)

12-10-202114-10-2021

/security-daily/ 14-10-2021 23:44:22