This week, law enforcement and judicial authorities in Europe, the US and Canada have seized the web domains and server infrastructure of DoubleVPN. This is a virtual private network (VPN) service which provided a safe haven for cybercriminals to attack their victims. This coordinated takedown, led by the Dutch National Police (Politie), under jurisdiction of the…
Facebook sues four Vietnamese nationals for hijacking accounts
Catalin Cimpanu reports: Social networking giant Facebook has filed two lawsuits today against two suspected criminal groups that abused its advertising platform for their own gains. The first lawsuit was filed against four Vietnamese nationals for hijacking user accounts and the second against a US company for running an e-commerce bait-and-switch scam. Read more on…
UK arm of international charity the Salvation Army hit by ransomware attack
Gareth Corfield reports: Criminals infected the Salvation Army in the UK with ransomware and siphoned the organisation’s data, The Register has learned. A Salvation Army spokesperson confirmed the evangelical Christian church and charity was compromised, and said it alerted regulators in the UK. Read more on The Register.
Russian Hackers Mounted Cyber Attack on German Banks, Bild Says
Patrick Donahue and Jake Rudnitsky report: A hacker group linked to the Russian state known as “Fancy Bear” conducted a cyber attack on critical German infrastructure and the country’s banking system in the past few days, Bild newspaper reported, citing unidentified Western intelligence sources. A spokesman for Germany’s BSI Federal Cyber Security Authority said the agency has…
Indian tech startup exposed Byju’s student data
Zach Whittaker reports: India-based technology startup Salesken.ai has secured an exposed server that was spilling private and sensitive data on one of its customers, Byju’s, an education technology giant and India’s most valuable startup. The server was left unprotected since at least June 14, according to historical data provided by Shodan, a search engine for exposed…
Hackers use zero-day to mass-wipe My Book Live devices
Lawrence Abrams reports that preliminary reports attributing a mass-wipe to a CVE from 2018 were not quite the whole story. Western Digital had originally told BleepingComputer that the attacks were being conducted through a 2018 vulnerability tracked as CVE-2018-18472, which was not fixed as the device has been out of support since 2015. It turns out that…