Romita Majumdar reports: … SonicWall Labs Threats research team found fake Aarogya Setu apps carrying spyware, which is capable of making phone calls, recording audio, send SMS, take pictures and record videos from the camera. If the user deletes Aarogya Setu app from the device by long pressing the icon > uninstall method, only the…
Michigan State hit by ransomware threatening leak of student and financial data
Benjamin Freed reports: Michigan State University is being targeted by a ransomware attack carried out by a hacker claiming to have stolen files, including students’ personal information, with the threat of publishing them online if a bounty is not paid. A post appeared Wednesday on a blog affiliated with NetWalker, a relatively newer form of…
Another Alleged FIN7 Cybercrime Gang Member Arrested
Ishita Chigilli Palli reports: The FBI has arrested another alleged member of the FIN7 cybercrime gang, which has been stealing millions of payment cards and other financial data since at least September 2015, according to federal court documents. Ukrainian national Denys Iarmak was extradited from Thailand and arrested in Seattle on Friday, according to documents unsealed…
Truecaller denies database breach after details of over 45 million Indians appear on the dark web
Soumyarendra Barik reports: Personal data of 47.5 million Indians — including their phone number, service provider, name, gender, city, email, and Facebook ID, among other things — claimed to be sourced from caller ID app Truecaller is available for sale on the dark web for $1,000 (₹75,000), cybersecurity firm Cyble said. Truecaller, in a statement to MediaNama,…
TH: National Broadcasting and Telecommunications Commission warns Advanced Wireless Network on data breach
The Bangkok Post reports: The telecom regulator has handed an official warning letter to a subsidiary of Advanced Info Service (AIS), urging it to strictly ensure cybersecurity and data protection after the firm accidentally exposed its database of 8 billion internet records online without a password during a scheduled test earlier this month. The move…
Arbonne MLM data breach exposes user passwords, personal info
Sergiu Gatlan reports: International multi-level marketing (MLM) firm Arbonne International exposed the personal information and credentials of thousands after its internal systems were breached by an unauthorized party last month. […] “On the evening of April 20, 2020, Arbonne became aware of unusual activity within a limited number of its internal systems,” Arbonne says in a data breach…