"Transport, Logistics Orgs Hit by Stealthy Phishing Gambit"

Business Email Compromise (BEC) attacks have targeted a few North American transportation and logistics companies. An unknown threat actor has weaponized at least 15 company email accounts since May. Proofpoint researchers could not reveal how the threat actor accessed these accounts. The attacker is using the accounts to bury initial access malware in email chains, anticipating that recipients will be distracted by ongoing work conversations. This article continues to discuss the phishing campaign targeting transportation and logistics companies in North America.

Submitted by Gregory Rigby on

"New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users"

A new HTML smuggling campaign targets Russian-speaking users to spread "DCRat" malware, also known as the "DarkCrystal RAT." According to researchers, this is the first time the malware has been deployed this way, instead of through compromised or fake websites or phishing emails with PDF attachments or macro-laced Microsoft Excel documents. This article continues to discuss findings regarding the new HTML smuggling campaign.

Submitted by Gregory Rigby on

"US Announces Charges, Sanctions Against Russian Administrator of Carding Website"

The US government recently announced rewards of up to $10 million each for information leading to the arrest of two Russian nationals charged over their involvement in operating and laundering proceeds from carding websites.  Joker's Stash was an underground marketplace for stolen payment card data active since at least 2014 and shut down in January 2021, roughly one month after law enforcement seized its servers.

Submitted by Adam Ekwall on

"US Sanctions Crypto Exchanges for Facilitating Russian Cybercrime"

The US government has sanctioned cryptocurrency exchanges used by Russian cybercriminals. The US Office of Foreign Assets Control (OFAC) has set sanctions against "Cryptex," a cryptocurrency exchange registered in St. Vincent and the Grenadines that operates in Russia. This article continues to discuss the US sanctioning cryptocurrency exchanges used for facilitating Russian cybercrime.

Submitted by Gregory Rigby on

"Millions of Kia Cars Were Vulnerable to Remote Hacking"

According to security researcher Sam Curry, vulnerabilities in a website dedicated to Kia vehicle owners could have allowed attackers to remotely control millions of cars.  Curry noted that the vulnerabilities could have allowed attackers to gain control of key vehicle functions in roughly 30 seconds, using only the car’s license plate.  Furthermore, the bugs allowed the attackers to harvest the victim’s personal information, such as name, address, email address, and phone number, and to create a second user on the vehicle, without the owner’s knowledge.

Submitted by Adam Ekwall on

"New Security Protocol Shields Data From Attackers During Cloud-Based Computation"

A new security protocol developed by researchers at the Massachusetts Institute of Technology (MIT) uses the quantum properties of light to ensure that data sent to and from a cloud server remains secure during deep-learning computations. Their protocol exploits quantum mechanics principles by encoding data into the laser light used in fiber optic communications systems, thus making it impossible for attackers to copy or intercept the information without being detected. The method provides security without compromising deep-learning model accuracy.

Submitted by Gregory Rigby on

"NSA Jointly Releases Guidance for Mitigating Active Directory Compromises"

"The National Security Agency (NSA) joins the Australian Signals Directorate’s Australian Cyber Security Centre (ASD ACSC) and others in releasing the Cybersecurity Technical Report (CTR), 'Detecting and Mitigating Active Directory Compromises.' The guidance provides prevention and detection strategies for the most prevalent techniques used to target Active Directory (AD). Gaining control over AD gives malicious actors privileged access to all systems and users managed by AD, according to the CTR.

Submitted by Gregory Rigby on

"NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines"

According to new guidelines published by the National Institute of Standards and Technology (NIST), using a mixture of character types in your passwords and regularly changing passwords are officially no longer best password management practices. NIST’s latest version of its Password Guidelines suggests that credential service providers (CSPs) stop recommending passwords using several character types and stop mandating periodic password changes unless the authenticator has been compromised.

Submitted by Adam Ekwall on

"Data Breach at MC2 Data Leaves 100 Million at Risk of Fraud"

Security researchers at Cybernews have recently uncovered a massive data leak exposing the personal information of over 100 million US citizens.  The breach is attributed to a misconfigured database at background check firm MC2 Data, which allegedly left 2.2TB of sensitive data accessible online without password protection.

Submitted by Adam Ekwall on

"Police Are Probing a Cyberattack on Wi-Fi Networks at UK Train Stations"

U.K. transport officials and police recently announced they are investigating a “cybersecurity incident” that hit the public Wi-Fi networks at the country’s biggest railway stations.  Passengers trying to log onto the Wi-Fi at stations including Manchester Piccadilly, Birmingham New Street, and 11 London terminuses on Wednesday evening were met by a page reading “We love you, Europe,” followed by an anti-Islam message listing a series of terror attacks.  Network Rail, which manages the stations, said the Wi-Fi had been switched off and no passenger data was taken.

Submitted by Adam Ekwall on