
Latest Security News Collection

Security news collection - current edition

01

Germany Blocks Hacker Access to 30,000 Devices Infected with BadBox Malware

#Germany #CyberSecurity #BadBoxMalware #BSI #AndroidDevices #Malware #Sinkholing #CyberThreats #DigitalSecurity #Triada #RemoteControl #AdvertisingFraud #FakeNews #CyberAttacks #InternetSecurity #TechNews #cybercrime #cybersecurity

Germany’s cybersecurity agency, the Federal Office for Information Security (BSI), has successfully blocked communication between 30,000 infected devices and the control servers of the hackers behind the BadBox malware.

The malware, pre-installed on various Android devices such as smartphones, tablets, and streaming boxes, creates a backdoor for remote control and further malicious activities. The BSI’s intervention prevents further damage, although devices with outdated software remain vulnerable.

The BadBox malware, which can spread fake news, conduct advertising fraud, and serve as a proxy for cyberattacks, was found on devices like digital photo frames and streaming devices. German authorities used a technique called sinkholing to redirect traffic from these devices to safe servers, cutting off hacker access.

→ Read more on therecord.media


02

Tibber Data Leak: 50,000 Records Found on Have I Been Pwned

#Tibber #DataLeak #CyberSecurity #HaveIBeenPwned #DataBreach #CustomerData #ThreatActor888 #Darknet #EmailAddresses #Phishing #DataProtection #CyberThreats #EnergyProvider #SecurityMeasures #TechNews #Germany #November2024 #cybercrime #cybersecurity

In November, energy provider Tibber confirmed a data breach affecting approximately 50,000 accounts. The compromised data, now listed on Have I Been Pwned, includes names, email addresses, city and postal codes, and expenditure details.

The breach, attributed to a source named Threat Actor 888, was initially reported on the Darknet. Despite the significant number of compromised records, no passwords, payment, or consumption data were affected. Tibber has assured that they are taking steps to secure their systems. Users can now check if their email addresses were part of the breach on Have I Been Pwned.

→ Read more on heise.de


03

Cheat Codes for LLM Performance: An Introduction to Speculative Decoding

#AIInferencing #SpeculativeDecoding #Cerebras #Groq #LLMPerformance #AIAccelerators #SRAM #TokenGeneration #MetaModel #Llama31 #AIChip #TechInnovation #PerformanceBoost #AIResearch #MachineLearning #TechNews #cybercrime #cybersecurity

In the realm of AI inferencing, speed is paramount. Recently, chip companies have made impressive claims about their performance capabilities. Cerebras, for instance, reported generating 969 tokens per second with Meta’s 405 billion parameter model and even higher rates with smaller models like Llama 3.1 70B. AI chip startup Groq also showcased notable performance.

These figures surpass what GPUs can achieve, thanks to purpose-built AI accelerators that use large banks of SRAM to overcome bandwidth limitations. The significant performance boost is attributed to speculative decoding, a technique where a smaller model generates initial output and a larger model verifies accuracy. This method can enhance token generation speed by 2x to 3x, with real-world applications showing up to a 6x improvement.

→ Read more on theregister.com
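The verify-and-accept mechanism the article describes, as an added example that is not code from the article, from Cerebras or from Groq: a cheap draft model proposes k tokens, the expensive target model checks all k positions in one verification round, keeps the longest prefix it agrees with, and supplies its own token at the first disagreement (or a bonus token if it agreed with everything). With greedy decoding this reproduces the target's own output exactly, so the speed-up costs nothing in quality. The two "models" here are toy n-gram tables built from a constructed sentence (the trigram table stands in for the large target model, the weaker bigram table for the small draft model); `NGramModel`, `speculative_decode`, `compare` and the corpus are this example's own assumptions. The saving is counted in target rounds, because on real accelerators the k+1 verification positions are one batched forward pass; the greedy variant shown here is the simplest form of the technique, the general version verifies sampled tokens with a rejection step.

```python
"""Toy speculative decoding: an added example, not code from the article,
Cerebras or Groq.

A cheap draft model proposes k tokens; the expensive target model then checks
all k proposals in a single verification round and keeps the longest prefix it
agrees with, appending its own token at the first disagreement (or one bonus
token if it agreed with everything).  With greedy decoding this reproduces the
target model's own output exactly, in fewer target rounds.  The "models" here
are n-gram tables built from a constructed corpus: the trigram table is the
target, the weaker bigram table is the draft.
"""
from collections import Counter, defaultdict

EOS = "<eos>"
# Constructed training text; the draft bigram model cannot tell the two
# occurrences of "the" apart, the trigram target can.
CORPUS = "<s> the quick brown fox jumps over the lazy dog <eos>".split()


def build_table(tokens, n):
    """Count n-gram continuations: (n-1 context tokens) -> Counter of next."""
    table = defaultdict(Counter)
    for i in range(len(tokens) - n + 1):
        table[tuple(tokens[i:i + n - 1])][tokens[i + n - 1]] += 1
    return table


class NGramModel:
    """Greedy n-gram predictor with back-off to shorter contexts."""

    def __init__(self, n, tokens=CORPUS):
        self.n = n
        self.tables = {k: build_table(tokens, k) for k in range(2, n + 1)}

    def next_token(self, prefix):
        for k in range(self.n, 1, -1):
            ctx = tuple(prefix[-(k - 1):])
            if len(ctx) == k - 1 and ctx in self.tables[k]:
                counts = self.tables[k][ctx]
                return max(counts, key=counts.get)  # first-seen wins ties
        return EOS


def greedy_decode(model, prompt, max_tokens=20):
    """Baseline: one model round per generated token."""
    out, rounds = list(prompt), 0
    while len(out) - len(prompt) < max_tokens:
        out.append(model.next_token(out))
        rounds += 1
        if out[-1] == EOS:
            break
    return out[len(prompt):], rounds


def speculative_decode(target, draft, prompt, k=4, max_tokens=20):
    """Draft k tokens, verify them with the target in one round, repeat."""
    out, rounds = list(prompt), 0
    while len(out) - len(prompt) < max_tokens:
        proposal = []
        for _ in range(k):
            proposal.append(draft.next_token(out + proposal))
        # One verification round: the target's choice at each of the k+1
        # positions (on real hardware this is a single batched forward pass).
        verdict = [target.next_token(out + proposal[:i]) for i in range(k + 1)]
        rounds += 1
        for i in range(k):
            if proposal[i] != verdict[i]:
                out.append(verdict[i])   # first disagreement: target wins
                break
            out.append(proposal[i])      # accepted draft token
            if proposal[i] == EOS:
                break
        else:
            out.append(verdict[k])       # all accepted: free bonus token
        if out[-1] == EOS:
            break
    return out[len(prompt):], rounds


def compare(prompt=("<s>",), k=4):
    """Return both decodings and their round counts for the same prompt."""
    target, draft = NGramModel(3), NGramModel(2)
    plain, plain_rounds = greedy_decode(target, list(prompt))
    spec, spec_rounds = speculative_decode(target, draft, list(prompt), k)
    return {"greedy": plain, "greedy_rounds": plain_rounds,
            "speculative": spec, "speculative_rounds": spec_rounds}


if __name__ == "__main__":
    result = compare()
    print(" ".join(result["speculative"]))
    print(f"target rounds: {result['greedy_rounds']} greedy vs "
          f"{result['speculative_rounds']} speculative")
```

On this constructed sentence the draft is wrong exactly once (it repeats "quick" after the second "the"), so the target needs 3 verification rounds instead of 10 sequential steps while producing the identical sequence; how much of that gain survives on a real model depends entirely on how often the draft agrees with the target, which is why the article's 2x to 3x figure varies by workload.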


04

Fake IT Workers Funneled Millions to North Korea

#DOJ #NorthKorea #ITWorkers #SanctionsViolation #WireFraud #MoneyLaundering #IdentityTheft #YanbianSilverstar #VolasysSilverstar #DeepfakeIdentities #ProxyServers #CyberSecurity #DataExtortion #USJusticeDepartment #CyberThreats #TechNews #cybercrime #cybersecurity

The US Justice Department has indicted 14 North Koreans for posing as remote IT workers to violate sanctions and commit wire fraud, money laundering, and identity theft. According to the indictment, unsealed in federal court in St. Louis, the scheme involved using stolen identities and AI-generated credentials to infiltrate US companies and funnel at least $88 million to the North Korean regime over six years.

The operatives, working under North Korean-controlled companies Yanbian Silverstar in China and Volasys Silverstar in Russia, extorted employers by stealing sensitive data and threatening to release it unless paid. The workers, required to earn a minimum of $10,000 monthly, used advanced tactics like deepfake identities and proxy servers to mask their origins. The Justice Department highlighted the heightened risk of cyberattacks due to these activities.

→ Read more on securityweek.com


05

87% of Cyber Threats Hide in Encrypted Traffic

#CyberThreats #EncryptedTraffic #Malware #ThreatLabz #ArtificialIntelligence #CyberSecurity #AsyncRAT #ChoziosiLoader #AMOS #Ducktail #AgentTesla #KoiLoader #MalwarePayloads #MacroMalware #CyberAttackTrends #TechNews #CyberCrime #cybersecurity

Encrypted traffic has become a growing entry point for increasingly sophisticated threats, a trend amplified by the use of artificial intelligence (AI) by malware actors over the past year. According to ThreatLabz, over 87% of all threats between October 2023 and September 2024 were transmitted via encrypted channels, a 10% increase from the previous year.

Malware dominated these encrypted attacks, accounting for 86% of the incidents with 27.8 billion hits, reflecting a 19% rise from the previous year. This category includes malicious web content, malware payloads, and macro-based malware. The strategic shift in attack tactics involves hiding payloads and harmful content in encrypted traffic to evade detection. Prominent malware families using encrypted transmission include AsyncRAT, Choziosi Loader/ChromeLoader, AMOS/Atomic Stealer, Ducktail, Agent Tesla, and Koi-Loader.

→ Read more on it-daily.net


06

Germany Blocks 30,000 IoT Devices Infected with Pre-Installed Malware

#IoT #BadBoxMalware #CyberSecurity #BSI #AndroidDevices #Botnet #DDoS #FakeNews #AdvertisingFraud #CyberThreats #Sinkholing #Firmware #TechNews #Germany #MalwarePrevention #cybercrime #cybersecurity

German authorities have blocked 30,000 digital picture frames, media players, and other Android devices from communicating with BadBox botnet control servers. The malware, pre-installed on these devices, allows attackers to intercept credentials, install additional payloads, and launch DDoS attacks.

The German Federal Office for Information Security (BSI) warns that IoT devices are lucrative targets for hackers. BadBox also enables the creation of email and messenger accounts for spreading fake news and conducting advertising fraud. The BSI is redirecting communication from these devices to safe servers, but outdated firmware remains a risk.

→ Read more on cybernews.com
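Both BadBox items (01 and this one) describe the BSI's sinkholing: lookups for the botnet's command-and-control hosts are answered with an address the defender controls, so an infected device talks to a safe server instead of the operators, and the lookup itself reveals which devices are infected. The toy resolver below, an added example that is not code from either article or from the BSI, shows that mechanism on constructed data: it diverts queries for listed C2 names and their subdomains, records the asking client, and replays a constructed resolver log. All domain names, addresses and log lines are made up, and `SINKHOLE_IP`, `C2_DOMAINS`, `Sinkhole` and `replay` are names of this example only.

```python
"""Toy DNS sinkhole: an added example, not code from the articles or the BSI.

Sinkholing redirects a botnet's command-and-control (C2) lookups to a server
the defender controls.  This toy resolver answers queries for listed C2
hostnames (and their subdomains) with a sinkhole address instead of the real
one, and records which client asked, so the operator can see which devices
are infected and notify their owners.  Every domain, address and log line
below is constructed for illustration.
"""
from collections import defaultdict

SINKHOLE_IP = "192.0.2.10"  # constructed; RFC 5737 documentation range

# Constructed C2 hostnames; a real deployment would load these from a feed.
C2_DOMAINS = {"c2-update.example", "stat-collector.invalid"}

# Constructed upstream answers, standing in for the normal resolver path.
UPSTREAM_ANSWERS = {
    "www.example.org": "198.51.100.7",
    "time.example.net": "198.51.100.8",
}


def normalise(qname):
    """Lower-case and strip the trailing dot so 'C2-Update.Example.' matches."""
    return qname.rstrip(".").lower()


def is_sinkholed(qname, c2_domains=C2_DOMAINS):
    """True if qname is a listed C2 name or a subdomain of one."""
    labels = normalise(qname).split(".")
    return any(".".join(labels[i:]) in c2_domains for i in range(len(labels)))


class Sinkhole:
    """Resolver wrapper that diverts C2 lookups and records the askers."""

    def __init__(self, c2_domains=C2_DOMAINS, upstream=UPSTREAM_ANSWERS):
        self.c2_domains = c2_domains
        self.upstream = upstream
        self.sightings = defaultdict(set)  # client_ip -> {c2 names queried}

    def resolve(self, client_ip, qname):
        name = normalise(qname)
        if is_sinkholed(name, self.c2_domains):
            self.sightings[client_ip].add(name)
            return SINKHOLE_IP
        # Unknown names get None here; a real resolver would recurse upstream.
        return self.upstream.get(name)

    def infected_clients(self):
        """Clients that tried to reach C2: the list to hand to notification."""
        return sorted(self.sightings)


def parse_query_log(lines):
    """Parse constructed 'timestamp client qtype qname' resolver log lines."""
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than crash on them
        _ts, client, _qtype, qname = parts
        yield client, qname


# Constructed resolver log: one clean client and two infected clients.
SAMPLE_LOG = [
    "2024-12-13T08:00:01Z 10.0.0.5 A www.example.org",
    "2024-12-13T08:00:02Z 10.0.0.9 A C2-Update.Example.",
    "2024-12-13T08:00:03Z 10.0.0.5 A time.example.net",
    "2024-12-13T08:00:04Z 10.0.0.12 A beacon.stat-collector.invalid",
    "garbage line",
]


def replay(log_lines=SAMPLE_LOG):
    """Replay a log through the sinkhole; returns (answers, infected clients)."""
    sink = Sinkhole()
    answers = [(client, sink.resolve(client, qname))
               for client, qname in parse_query_log(log_lines)]
    return answers, sink.infected_clients()


if __name__ == "__main__":
    answers, infected = replay()
    for client, ip in answers:
        print(f"{client} -> {ip}")
    print("infected clients:", infected)
```

The suffix check in `is_sinkholed` matters because botnet clients often contact per-device or per-campaign subdomains of the C2 name; matching only the exact name would miss them. The sighting log is the defender's real product here: the diverted traffic stops the damage, but it is the list of asking clients that lets an agency like the BSI tell owners that their device is infected, which is the step that the articles note still leaves devices with outdated firmware at risk.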


07

Researchers Uncover Nation-State Malware Targeting Industrial Systems

#NationStateMalware #IOCONTROL #Claroty #CyberSecurity #IoT #OT #CriticalInfrastructure #CyberAv3ngers #IRGC #SCADA #IndustrialSystems #CyberThreats #Malware #TechNews #SecurityResearch #cybercrime #cybersecurity

Researchers at Claroty have identified a new malware tool, IOCONTROL, used by nation-state actors to attack critical infrastructure. Team82, Claroty’s threat intelligence team, found that IOCONTROL targets Internet of Things (IoT) and operational technology (OT) systems.

The malware, linked to the CyberAv3ngers group, part of Iran’s IRGC-CEC, was extracted from a compromised fuel management system. It has been used to attack various devices, including IP cameras, routers, PLCs, HMIs, and firewalls. Affected vendors include Baicells, D-Link, Hikvision, Red Lion, Orpak, Phoenix Contact, Teltonika, and Unitronics.

→ Read more on infosecurity-magazine.com


08

Krispy Kreme Online Ordering Disrupted by Cyberattack

#KrispyKreme #Cyberattack #OnlineOrdering #DigitalSales #CyberSecurity #ITSystems #RestaurantIndustry #DigitalChannels #RevenueImpact #SystemRestoration #CyberThreats #TechNews #CustomerService #DigitalPlatform #CyberIncident #cybercrime #cybersecurity

Krispy Kreme’s online ordering system has been disrupted following a cyberattack on its IT systems. While in-store operations remain unaffected, the incident highlights the vulnerability of restaurants to cyber threats as they increasingly rely on digital channels. The doughnut chain, which recently updated its digital platform and loyalty program, reported a 15% increase in digital sales during the third quarter.

The cyberattack could lead to a loss of revenue from digital sales and incur costs for cybersecurity experts and system restoration. Despite the disruption, Krispy Kreme’s shops remain open, and deliveries to retail and restaurant partners are not impacted. The company is actively working to investigate, contain, and remediate the incident.

→ Read more on cybersecuritydive.com


09

Canadian Eyecare Firm Care1 Exposes 2.2TB of Patient Records

#Care1 #DataBreach #CyberSecurity #PatientRecords #Healthcare #AI #Optometry #PHNs #DataProtection #CyberThreats #MedicalData #Privacy #HealthcareTechnology #JeremiahFowler #vpnMentor #TechNews #cybercrime #cybersecurity

In a significant data breach, cybersecurity researcher Jeremiah Fowler discovered an unprotected database belonging to Care1, a Canadian company providing AI-powered software solutions to optometrists. The database, containing over 4.8 million records and totalling 2.2TB, exposed sensitive patient information such as names, addresses, medical histories, and Personal Health Numbers (PHNs).

Care1, which partners with over 170 optometrists and manages more than 150,000 patient visits, left detailed eye exam reports, doctor’s notes, and images unprotected. The exposed data also included CSV and XLS spreadsheets listing patients’ home addresses and health-related information. This breach highlights the critical need for robust cybersecurity measures in healthcare.

→ Read more on hackread.com


10

Far-Right ‘Active Clubs’ Movement Goes Global as Mastermind Sentenced

#FarRight #ActiveClubs #RobertRundo #NeoNazi #RiseAboveMovement #AntiRiotAct #Extremism #GlobalNetwork #PoliticalViolence #FarRightMovement #InternationalExtremism #Telegram #SkinheadGangs #NeoFascism #AltRight #PoliticalRallies #FederalPrison #cybercrime #cybersecurity

American neo-Nazi Robert Rundo has been sentenced to federal prison for attacking political opponents at rallies in California in 2017. Despite his imprisonment, the “Active Club” network he co-founded has spread globally, from Eastern Europe to South America. Rundo, along with members of the Rise Above Movement, was convicted of conspiracy to violate the federal Anti-Riot Act.

Since his initial arrest and subsequent flight from the US, Rundo has helped establish an international network of far-right fight clubs. These “Active Clubs” now operate in numerous countries, including the United States, United Kingdom, Ireland, France, Germany, and Australia, according to extremism researchers.

→ Read more on wired.com

Contact us

+49 89 360 5310 | security-awareness@metafinanz.de

The editors are not responsible for the content of each article.