Security daily (23-06-2020)

New Zealand freezes $90 million connected to accused bitcoin launderer Alexander Vinnik

Authorities in New Zealand have seized the equivalent of $90 million in assets as part of an investigation into a Russian man accused of laundering cybercriminal funds through a global cryptocurrency exchange. The New Zealand Police announced Monday it had taken control of the funds, equivalent to $140 million in New Zealand dollars, belonging to Alexander Vinnik, the alleged operator of BTC-e, a currency trading platform shuttered by the U.S. government in 2017. The exchange effectively functioned as a money laundering operation for internet scammers engaged in computer hacking, ransomware attacks, fraud and illicit drug sales, according to New Zealand Police Commissioner Andrew Coster. “New Zealand Police has worked closely with the Internal Revenue Service of the United States to address this very serious offending,” Coster said in a statement. “These funds are likely to reflect the profit gained from the victimization of thousands, if not hundreds of thousands, of […] The post New Zealand freezes $90 million connected to accused bitcoin launderer Alexander Vinnik appeared first on CyberScoop. (CyberScoop)

United States wants HTTPS for all government sites, all the time

Making .GOV domains secure - it'll take "a few years" yet (Naked Security)

‘BlueLeaks’ exposes sensitive files from hundreds of police departments

The journalist collective DDoSecrets published nearly 270GB of data on Juneteenth: the date commemorating the end of US enslavement.

(Naked Security)

Israeli Spyware Used To Target Moroccan Journalist, Amnesty Claims

(News ≈ Packet Storm)

Adobe Prompts Users To Uninstall Flash Player As EOL Date Looms

(News ≈ Packet Storm)

Privacy-Focused OS Wants To Know How Facebook And The FBI Hacked It

(News ≈ Packet Storm)

Twitter Apologizes For Business Data Breach

(News ≈ Packet Storm)

Google Analytics Abused To Conceal Theft Of Payment Card Data

(News ≈ Packet Storm)

New Privacy Features Added to the Upcoming Apple iOS 14 and macOS Big Sur

Unprecedented times call for unprecedented measures.

No, we're not talking about 'coronavirus,' the current global pandemic because of which Apple—for the very first time in history—organized its Worldwide Developer Conference (WWDC) virtually.

Here we're talking about a world in which we are all connected and constantly sharing data, also known as the new oil, with something called "privacy" (The Hacker News)

VirusTotal Adds Cynet's Artificial Intelligence-Based Malware Detection

VirusTotal, the famous multi-antivirus scanning service owned by Google, recently announced new threat detection capabilities it added with the help of an Israeli cybersecurity firm.

VirusTotal provides a free online service that analyzes suspicious files and URLs to detect malware and automatically shares them with the security community. With the onslaught of new malware types and samples, (The Hacker News)

Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards

Researchers reported on Monday that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites.

According to several independent reports from PerimeterX, Kaspersky, and Sansec, threat actors are now injecting data-stealing code on the compromised websites in combination with tracking code generated by Google Analytics for (The Hacker News)

Sodinokibi Ransomware Now Scans Networks For PoS Systems

Attackers are compromising large companies with the Cobalt Strike malware, and then deploying the Sodinokibi ransomware. (Threatpost)

Work From Home Opens New Remote Insider Threats

Remote work is opening up new insider threats - whether it's negligence or malicious employees - and companies are scrambling to stay on top of these unprecedented risks. (Threatpost)

Hakbit Ransomware Attack Uses GuLoader, Malicious Microsoft Excel Attachments

Recent spearphishing emails spread the Hakbit ransomware using malicious Microsoft Excel attachments and the GuLoader dropper. (Threatpost)

Remote Workers Pose New Security Risks

Organizations sent workers home during COVID-19 lockdown without adequate security preparation. (Threatpost)


/security-daily/ 24-06-2020 23:44:23