Risky Business News

Risky Business News, compiled by Catalin Cimpanu, provides comprehensive updates on cybersecurity events worldwide. Covering malware disruptions, ransomware impacts, cyber-espionage activities, legal and policy developments, and significant breach incidents, it highlights the evolving threats in the digital domain and the measures being taken to counteract them.

Cybersecurity Incidents, Malware and Ransomware, Cyber-Espionage, Legal and Regulatory Actions, Data Breaches, Privacy Concerns, Cybersecurity Measures, Technology and Security Updates

The hottest Substack posts of Risky Business News

And their main takeaways
359 HN points 08 Mar 23
  1. The Canada Revenue Agency (CRA) updated its terms to avoid liability if personal information is stolen from its online service portal.
  2. There are concerns that the CRA is missing basic web application security features, despite its claims of taking all reasonable security steps.
  3. The offloading of responsibility by CRA through a benign Terms of Service update is harmful, especially considering the sensitive data they hold.
0 implied HN points 05 May 23
  1. Meta disrupted the NodeStealer malware, preventing its spread and protecting user credentials from being compromised.
  2. Various cyberattacks and ransomware incidents have been reported, affecting entities like universities and cities.
  3. Key developments in the tech and privacy sector include the FTC proposing a ban on Facebook monetizing youth data and Discord transitioning to a new username format.
0 implied HN points 20 Feb 23
  1. Spain's National Court agreed to extradite a 23-year-old UK national to the US for his role in the 2020 Twitter hack.
  2. GoDaddy and the FBI experienced breaches in their systems, while crypto platforms like Platypus and Dexible were hacked for millions of dollars.
  3. Various cybercrime incidents and threat intelligence reports emerged, including seizure of cryptocurrency funds by Norwegian authorities and dismantling of CEO fraud and IMSI catcher gangs.
0 implied HN points 15 Mar 23
  1. CISA launched a ransomware warning program to proactively scan and secure vulnerable systems in critical infrastructure.
  2. Several cyber incidents include the $197 million crypto-heist on Euler Finance, an extortion attempt on GSC Game World, and potential breaches at Amazon Ring, Marshall Amps, and the Saint Kitts and Nevis government.
  3. Tech updates feature the Kali Linux Purple edition, the creation of the UK National Protective Security Authority, and the development of a Russian GitHub alternative.
0 implied HN points 28 Jun 23
  1. A new memory attack named RowPress has been discovered as an alternative to RowHammer, making DRAM chips vulnerable.
  2. Software-level mitigations can help protect against the RowPress attack by limiting the time a memory row can stay open.
  3. Various notable breaches, hacks, and incidents have occurred recently, emphasizing the ongoing importance of cybersecurity measures and vigilance.
0 implied HN points 31 Jan 24
  1. Brazilian police arrested members of the Grandoreiro malware gang, known for stealing millions from bank customers in Brazil, Mexico, and Spain.
  2. Ukraine's GUR conducted a hack wiping 60TB of data from Russian company IPL Consulting and worked to cripple Akado-Telekom infrastructure.
  3. Various cybersecurity incidents were reported, including crypto-heists and ransomware attacks on companies like Schneider Electric and the Romanian government, along with details on malware strains like Trigona and Ermac.
0 implied HN points 12 Jan 24
  1. A Chinese state-sponsored hacking group exploited two zero-days in Ivanti Connect Secure VPN appliances.
  2. The FTC banned data broker Outlogic from selling precise location data of American citizens due to privacy violations.
  3. A member of the ShinyHunters hacking group was sentenced to three years in prison for hacking and selling data on underground forums.
0 implied HN points 10 Jan 24
  1. A ransomware attack on Tigo, Paraguay's largest telco, impacted 300 servers and 300 companies.
  2. Ransomware group BlackHunt breached victims via unsecured RDP connections and is known for data encryption and theft.
  3. Dutch Police arrested a developer of the Babuk Tortilla ransomware, obtaining decryption keys and sharing them with Avast and Cisco Talos.
0 implied HN points 24 Mar 23
  1. The US Federal Trade Commission is seeking public comments on the business practices and data security of cloud computing providers.
  2. The FTC's action is a response to concerns about the predatory business practices of cloud providers and potential cybersecurity risks.
  3. The FTC is focusing on issues such as negotiating cloud contracts, secure storage competition, breach notifications, and customer lock-in incentives.
0 implied HN points 02 Feb 24
  1. Ivanti disclosed two zero-day vulnerabilities in its Connect Secure VPN appliance, leading to exploitation by threat actors.
  2. Security firm Volexity linked the attacks to a Chinese cyber-espionage group, with hundreds of devices infected globally.
  3. Malware strains such as GLASSTOKEN, GIFTEDVISITOR, and BUSHWALK were found on infected devices, leading to the mass exploitation phase.
0 implied HN points 15 Feb 23
  1. The FTC ordered MoneyGram to return $115 million to scam victims due to system abuse.
  2. Cybercriminals are developing new ransomware like MortalKombat and using phishing campaigns for attacks.
  3. Various cybersecurity vulnerabilities and exploits have been detected, addressed, and reported by different companies and security researchers.
0 implied HN points 22 May 23
  1. A cybercrime group named Lemon Group has pre-installed malware in almost 9 million Android devices, planting it inside the firmware.
  2. The Lemon Group's malware, known as Guerrilla, is hidden inside the Zygote process and can download plugins for various malicious activities.
  3. The lack of security practices in the Android OEM ecosystem and the presence of pre-installed malware highlight the risk of buying low-cost devices from unknown vendors.
0 implied HN points 07 Feb 24
  1. The US government has restricted visas for individuals linked to the misuse of commercial spyware.
  2. Commercial spyware has been linked to repression, human rights abuses, and poses a security threat to the US.
  3. Investors and individuals tied to spyware vendors like Candiru, NSO Group, Intellexa, and Cytrox may face the visa ban.
0 implied HN points 05 Feb 24
  1. Two Iranian cyber groups were recently exposed within a single week, indicating increased cyber activity from Iran.
  2. Cyber Av3ngers attacked Israeli critical infrastructure, mainly targeting Unitronics devices.
  3. Various cybersecurity incidents, such as the Cloudflare breach and the Clorox ransomware attack, demonstrate ongoing threats in the digital landscape.
0 implied HN points 26 Jan 24
  1. HPE and Microsoft faced breaches by the same Russian state-sponsored hacking group, highlighting the ongoing cyber threats to tech giants.
  2. The SEC's new breach disclosure rules are leading to faster reporting of incidents and more detailed disclosures from affected companies, changing the cybersecurity landscape.
  3. Various new cybersecurity incidents and threats, including DDoS attacks, ransomware incidents, and insider threats, continue to impact organizations globally.
0 implied HN points 24 Jan 24
  1. Australia, the UK, and the US have sanctioned a Russian individual for the ransomware attack on Medibank.
  2. Various cybersecurity incidents like data breaches, ransomware attacks, and malware discoveries are on the rise.
  3. Significant security updates and patches have been released for vulnerabilities in various platforms and software.
0 implied HN points 17 Jan 24
  1. A cybercrime group infected 172,000 smart TVs and set-top boxes to carry out DDoS attacks.
  2. The Bigpanzi botnet targeted Spanish and Portuguese-speaking users by spreading malware through social engineering.
  3. The security industry faces challenges like unpatched vulnerabilities in SonicWall firewalls and sophisticated malware targeting various platforms.
0 implied HN points 19 Jan 24
  1. Congress is considering making the CSRB permanent and more independent and transparent for cybersecurity issues.
  2. Various cybersecurity incidents occurred, such as DDoS attacks in Switzerland and cyberattacks on companies like Kyivstar.
  3. Important developments include new Samsung phones promising 7 years of security updates and Google updating Chrome Incognito Mode text.
0 implied HN points 08 Jan 24
  1. Hackers associated with the Turkish government in the Sea Turtle group have resumed cyber-espionage operations targeting governments and IT service providers.
  2. Recent cyber incidents include Russian hackers targeting Ukraine, hacks in the telecom sector, and cyberattacks on US museums and crypto platforms.
  3. New malware discoveries, ransomware attacks, and cybercrime incidents underscore the importance of strong passwords, security updates, and vigilance against cyber threats.
0 implied HN points 03 Apr 23
  1. Microsoft is addressing a malspam problem in OneNote by blocking execution of certain embedded files.
  2. Several major breaches and cyber incidents have been reported in various countries.
  3. Various new cyber threats, malware strains, and cybersecurity vulnerabilities have been discovered and analyzed recently.
0 implied HN points 07 Jul 23
  1. The US and Canada issued a joint security alert about a new Truebot malware variant being spread through phishing campaigns.
  2. Cybersecurity incidents include a ransomware attack on Japan's largest cargo port, a DDoS attack on a Russian railway company, and a data leak of Indonesian passports.
  3. Privacy concerns arise with the inability to delete an Instagram Threads account and a secret blocklist feature in Firefox.
0 implied HN points 06 Mar 23
  1. The US EPA has released cybersecurity guidance for public water systems, aiming to improve cybersecurity resilience and address recent high-profile hacks.
  2. Recent cyber breaches include hacks on GunAction.com, Flutterwave, BitBNS, TheSandbox, Chick-fil-A, and Mastodon.
  3. Various cybersecurity incidents involve BEC phishing campaigns, malware like FiXS in ATMs, and vulnerabilities found in DJI drones and Intel processors.
0 implied HN points 26 May 23
  1. A new Chinese APT group, Volt Typhoon, was detected targeting US critical infrastructure with stealth techniques.
  2. The recent focus of Chinese APTs on stealth operations is explained by pressure to avoid detection due to increased scrutiny.
  3. Breaches and hacks include Chinese cyber-spies targeting the Kenyan government, crypto-heists, and exit scams affecting investors.