Cyjax notes: The source code for the KPot stealer has been auctioned off, with a representative of the REvil ransomware group being the sole public bidder. KPot first appeared in the darknet in mid-2018 as a Malware-as-a-Service (MaaS). It’s functionality included: Collect passwords, cookies, browsing history and autofill forms from Chrome, Firefox and Edge Collect…
Customer payment details stolen in JM Bullion hack
Keumars Afifi-Sabet reports: Hackers scraped the personal information and payment details of customers who made purchases with the precious metals dealer JM Bullion in a cyber attack which lasted six months earlier this year. JM Bullion discovered in July that malicious code had been embedded into its online shopping platform, enabling hackers to capture the information that customers…
A massive hacking network that Microsoft and the US military tried to stop last month is already back — and it could be a bad sign for Election Day
Aaron Holmes reports: Last month, Microsoft announced it had won a major victory in the fight against cybercrime. The company said in mid-October that it had thwarted Trickbot — a stubborn malware network that’s been used to infect critical computer systems, often shutting them down for ransom. Experts were relieved by the announcement; Trickbot and other ransomware…
Founder of hacker group Anonymous reveals his ultimate ‘end-game’
Shawn Langlois reports: Earlier this year, the Atlantic revealed Aubrey Cottle as the internet prankster who years ago started Anonymous, an amorphous collective of hackers and activists waging cyberwar against oppression and corruption by targeting institutions like the Church of Scientology, the Westboro Baptist Church and, most recently, the police department. “Anonymous has all walks of life,”…
ShopRite, Wakefern will pay $235k fine, improve security after massive data breach, AG says
Sophie Nieto-Munoz reports: ShopRite and its parent company, Wakefern Food Corporation, will pay $235,000 after two supermarkets threw away electronic devices exposing thousands of customers’ medical information, Attorney General Gurbir Grewal announced Monday. The company will also have to improve its data security after they failed to protect the information of more than 9,700 pharmaceutical customers…
Isentia ransomware attack expected to cost at least $7 million
Justin Hendry reports: Media monitoring provider Isentia has put the immediate cost of a “significant” ransomware attack on its flagship intelligence and insights service last week at at least $7 million. The incident, disclosed on Tuesday last week, disrupted the operation of the company’s SaaS platform, Mediaportal. Mediaportal is Isentia’s all-in-one platform used by both public…