Large-scale backdoor malware in Linux servers. BreachForums seized again. Interesting Ethereum heist.  

News

Hi folks!

I hope you're all having a wonderfull end of the week. It has once again been exhausting but so awesome on my end. The non-stop learning on the new job is intense, but very satisfying.

It's a quick version today, and that might be the case a few more times until I get my weekly routine in order. I'll take it as it comes, if I have time I'll write more, if I don't I'll write less :-)

Have a good one friends!

Dieter Van der Stock

Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach

Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach. Over 400,000 servers have been compromised up till now.

arstechnica.com

FBI seize BreachForums hacking forum used to leak stolen data (again)

"This website has been taken down by the FBI and DOJ with assistance from international partners," reads the seizure message. It also shows the two forum profile pictures of the site's administrators, Baphomet and ShinyHunters, overlaid with prison bars.

bleepingcomputer.com

Brothers arrested for $25 million theft in Ethereum blockchain attack

​The U.S. Department of Justice has indicted two former MIT students for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds.

bleepingcomputer.com

Quick links

  • Congressional leaders concerned by NYPD's use of Chinese-made drones: link.
  • FCC might require telecoms to report on securing internet's BGP technology: link.
  • Apple blocked $7 billion in fraudulent App Store purchases in 4 years: link.
  • Norway recommends replacing SSL VPN to prevent breaches: link.
  • Southeast Asian scam syndicates stealing $64 billion annually, researchers find: link.
  • Vermont passes data privacy law allowing consumers to sue companies: link.

Breaches and leaks

  • Europol confirms web portal breach, says no operational data stolen: link.
  • Ascension redirects ambulances after suspected ransomware attack: link.
  • Singing River Health System: Data of 895,000 stolen in ransomware attack: link.
  • Dell API abused to steal 49 million customer records in data breach: link.
  • Largest non-bank lender in Australia warns of a data breach: link.
  • British Columbia investigating cyberattacks on government networks: link.
  • Ohio Lottery ransomware attack impacts over 538,000 individuals: link.
  • The Post Millennial hack leaked data impacting 26 million people: link.
  • Helsinki suffers data breach after hackers exploit unpatched flaw: link.
  • Banco Santander warns of a data breach exposing customer info: link.
  • Nissan North America data breach impacts over 53,000 employees: link.
  • MediSecure e-script firm hit by ‘large-scale’ ransomware data breach: link.
  • Law enforcement data stolen in Wichita ransomware attack: link.
  • Christie's takes website offline after cyberattack, delays live auction: link.

Issues and fixes

  • Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws: link.
  • Apple backports fix for zero-day exploited in attacks to older iPhones: link.
  • Citrix warns admins to manually mitigate PuTTY SSH client bug: link.
  • Widely used modems in industrial IoT devices open to SMS attack: link.
  • Google fixes third actively exploited Chrome zero-day in a week: link.
  • VMware fixes three zero-day bugs exploited at Pwn2Own 2024: link.
  • Apple fixes Safari WebKit zero-day flaw exploited at Pwn2Own: link.
  • PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers: link.

1Password for developers: secrets, SSH keys, and more

I think most developers don't realise how valuable 1Password can be. It doesn't just hold passwords, it also hold your SSH keys, signs your Git commits, injects token and other secrets in CLI scripts when you want, and much more. (Sponsored)

1password.com

No spam, ever. We'll never share your email address and you can opt out at any time.