Threat actors are getting creative with crypto scams, leading to massive fund drainage from victims’ wallets. One such scam service ended up looting almost $6 million in crypto from over 4,500 victims. Moving on to data breaches, an Iowa hospital notified patients of a data breach that potentially compromised their PHI. In another vein, there’s a new update on the Rheinmetall ransomware attack from April. Read along for the top 10 highlights from the past 24 hours.
01
A cryptocurrency phishing and scam service called Inferno Drainer has reportedly stolen over $5.9 million worth of crypto from 4,888 victims. The malicious websites target 229 popular brands, including MetaMask, OpenSea, Pepe, and others.
02
Clarke County Hospital, Iowa, disclosed a data breach after the Royal ransomware group listed the hospital on its data leak site. The incident may have impacted names, addresses, health insurance information, medical record numbers, diagnostic information, and other PHI.
03
The FBI issued a warning about fake job ads that recruit workers into forced labor operations in Southeast Asia, some of which enslave visitors and force them to participate in cryptocurrency scams.
04
Suzuki Motorcycle India suffered a cyberattack that forced it to shut down its bike and scooter manufacturing plant, causing an estimated loss of 20,000 vehicles.
05
German arms company Rheinmetall confirmed that the Black Basta ransomware group was responsible for a cyberattack detected in April, which affected the company’s civilian business.
06
The Cuba ransomware group claimed responsibility for the cyberattack on The Philadelphia Inquirer, publicly releasing financial documents, account movements, balance sheets, tax documents, compensation details, and source code allegedly attributed to the newspaper.
07
CISA mandated that federal agencies address three recently patched zero-day vulnerabilities found in iPhones, iPads, and Macs, which enable attackers to execute arbitrary code, escape the browser sandbox, and access sensitive information.
08
Trend Micro observed the BlackCat ransomware group using signed malicious Windows kernel drivers—an enhanced version of the POORTRY malware—to evade detection by security software during attacks.
09
Researchers developed DarkBERT, a language model pre-trained on dark web data, to aid cybersecurity professionals in extracting cyber threat intelligence from the hidden depths of the internet.
10
Digital identity verification and authentication provider Onfido announced the acquisition of identity management technology provider Airside Mobile. Terms of the deal were not disclosed.