Andrew Moore, Genevieve Stark, Isif Ibrahima, Van Ta of FireEye write: Starting in mid-December 2020, malicious actors that Mandiant tracks as UNC2546 exploited multiple zero-day vulnerabilities in Accellion’s legacy File Transfer Appliance (FTA) to install a newly discovered web shell named DEWMODE. The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, several organizations…
Category: Hack
Nigerian Influencer Ramon ‘Hushpuppi’ Abbas Laundered Funds For North Korean Hackers, Says U.S. Department Of Justice
David Dawkins reports: New details have emerged about the case against Instagram influencer Ramon Abbas, who wowed the internet with pictures of his clothes, cars, money and lifestyle. In July, Abbas was charged by the U.S. Attorney’s Office in Los Angeles with conspiring to launder hundreds of millions of dollars from “business email compromise” (BEC) frauds and other…
CIS launches no-cost ransomware service for U.S. hospitals
Kat Jerich reports: The nonprofit Center for Internet Security announced this week that it had launched a no-cost ransomware protection service for private hospitals in the United States. The Malicious Domain Blocking and Reporting service, which is already available for public hospitals, health departments and healthcare organizations, uses Enterprise Threat Protector software from the cybersecurity…
Three North Korean Military Hackers Involved in Sony Pictures Hack, Wanna Cry, and Numerous Other Attacks Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the Globe
A federal indictment unsealed today charges three North Korean computer programmers with participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks, to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently…
French IT monitoring company’s software targeted by hackers
Reuters reports: Hackers have spent up to three years breaking into organizations by targeting monitoring software made by the French company Centreon, France’s cybersecurity watchdog said Monday. The watchdog, known by its French acronym ANSSI, stopped short of identifying the hackers but said they had a similar modus operandi as the Russian cyberespionage group nicknamed…
NL: The Netherlands Organization for Scientific Research (NWO) hit by threat actor(s)
NWO reports: The Netherlands Organization for Scientific Research (NWO) has been hit by a cyber attack. Grant applications to the organization have been stopped because of the attack. It is unclear who is behind the attack. The NWO reports that its servers have been hacked and the network is not accessible. “At the moment everything is aimed at solving the…