InfoSecBulletin Cybersecurity for mankind
Organizations with ties with the government are a lucrative target for cybercriminals. One such commercial and defense shipbuilder, which is also a U.S. Navy contractor, fell victim to a ransomware attack. Unsecured databases continue to be a huge problem as Peugeot became the latest in line to leak its user data and application secrets from its Peruvian store. In other news, a fake giveaway scam earned the scammer over $20,000 in cryptocurrency.
01
Fincantieri Marine Group suffered a ransomware attack that impacted certain computer systems on its network. No evidence of compromise of employees’ personal data has been found yet.
02
French automobile brand Peugeot was found leaking access to its Peruvian user database, containing Full MySQL database URI, JWT passphrase and locations of private and public keys, and others.
03
The North Korea-linked BlueNoroff APT group—a subset of the Lazarus APT—was spotted targeting macOS users with a new malware, dubbed RustBucket, to download and execute various payloads.
04
Group-IB spotted a new phishing campaign targeting Facebook users via 3,200 fake profiles, in an attempt to steal account credentials from public figures, businesses, celebs, and others.
05
The CISA and the CNMF foiled an attempt by the Iranian Pioneer Kitten threat group to gain access to a city’s local infrastructure that would be used to record the results of voting for the 2020 elections – revealed the agencies recently.
06
Threat actors hacked the Twitter account of KuCoin to promote a fake giveaway scam, leading to the theft of more than $22,600 in cryptocurrency.
07
CPR identified Educated Manticore, a group closely related to the Iranian APT group Phosphorus, using a new Powerless backdoor. The threat group operates in the Middle East and North America and targets entities in Israel.
08
Two Chinese and Hong Kong nationals were indicted by the U.S. government for money laundering in relation to stolen cryptocurrency from North Korean hackers, Lazarus APT.
09
Kenya-based Naivas Supermarket disclosed a ransomware attack that compromised some of its data. The threat actor threatened to publish the stolen data online.
10
Cybersecurity startup Stack Identity raised $4 million in a seed funding round co-led by WestWave Capital and Benhamou Global Ventures.
