A likely Chinese based cyber-espionage group has been waging an campaign to steal metadata from phone carriers, at least 10 from around the world, according a report from Cybereason, the firm leading investigation. 

      While there was little evidence to link this group to China, after the report was reviewed by FireEye, and Crowdstrike, they did corroborate that the tactic of stealing cellular metadata did appear similar to how Russian or even Iranian state sponsored groups operated. 

      While one customer to Cybereason was completely breached, their whole network compromised and hijacked, no actual content of private messages was taken, but the metadata to potentially track them was likely gathered. 

      Its likely that there will future reports about these groups, Chinese, Russian, and Iranian respectively. 

      Original article can be found here.


             That was the news folks, have a good day, and stay safe out there.


      ---Mad-Architect 


      


      

                  A hacker's forum called Social Engineered, one dedicated to the art of lying was breached, and well, they lost all of their user data and found it later published on a rival site. 

        The information included usernames, IP addresses, passwords, all of these stored in MD5 hashes, also included were private messages exchanged between users. The information in total was from 55,000 users. 

        According to the forum's owner, a vulnerability in MyBB was the reason for the leak. A patch for the hole was rolled out on June 10th. Social Engineered has now since moved to the XenFoo platform,  in an effort to ensure that this never happens again.


       Original article can be found here.

                That was the news folks, have a good week, and stay safe out there.


        ---Mad-Architect 

              Within the last few days, the US has launched a cyber attack on Iranian based missile and computer networks, in retaliation for Iran downing a US drone over what Iran claimed, was Iranian airspace. The US has responded justly, stating that it was shot down over international waters, and was an unprovoked attack. 

      In response to the cyber attack by the US, the Iranian state sponsored cyber group, the Islamic Revolutionary Guard Corps, has waged a mass cyber campaign against the US. Both states have been trading shots, both verbally, and over the airwaves, amid rising tensions between the two nations. The US has been casting heavier sanctions on Iran due to them attempting to manufacture nuclear weapons. There was supposed to be a US sanctioned strike against Iranian military targets, but the US president halted it just 10 minutes prior to the strike arriving at its target, the strike was in response to alleged Iranian sponsored attacks against oil tankers in the Strait of Hormuz. 

      As of now, the two nations are in a tense stand off, alongside their allies, the world is waiting to see what happens, and everyone is holding their breath, as a war between the US and Iran could spark a major conflict that the world may not be ready for. 


      Original article can be found here.


            That was the news folks, have a good rest of the weekend, and stay safe out there.


      ---Mad-Architect 

      

                    Crypto orgs were caught off guard when they were under attack from hackers, utilizing Zero-Days combined alongside spear phishing. Oddly enough, this attack targeted Coinbase employees and not its users. The attackers, using two Firefox Zero-days, with a sandbox escape, but were blocked by staffers after being detected.


         Security researcher, Samuel Grob, back in April, reported an RCE bug to Mozilla, via their private bug tracker. Two months after the bug was reported, that same one was utilized in an attack against Coinbase. It is unclear as to how information of the bug was obtained by malicious actors. 


         As of the writing of this article, no identities of the attackers have been released, but patches for the two zero-days has been released.


          Original article can be found here.


                     That was the news folks, have a good weekend, and stay safe out there.


          ---Mad-Architect 

                   There has been quite a lot of scrutiny surrounding some if not all smart tech, in this case, Google nest cams; it was discovered that even after the owner factory reset the camera, a person could still access the camera feed. This is just another bad check on cams as a whole, considering what some parents have discovered with their cams publicly streaming feed of their children. 

         With the information that Google was provided, they have taken steps to shore it up, with no need for any further action from any owners of the nest cams.

         Original article can be found here.


                     That was the news, have a good week, and stay safe out there.


        ---Mad-Architect 

                 According to a report from security researchers at TrendMicro, a cyber espionage campaign is targeting Android users in the middle east. The malicious actors behind this campaign are using a piece of malware detected as GolfSpy, and is capable of hijacking the user's smartphone. 

        According to reports, the malware was distributed via malicious applications off a website, utilizing apps that are common in the middle east. 

        As of the writing of this article, the operators behind this campaign are unknown. 


        Original article can be found here.


                 That was the news folks, have a good week, and stay safe out there.



        ----Mad-Architect 

               A simple phone call, an email scam, and the victim not having confirmed with a second source, caused a church to lose 1.75 million. Saint Ambrose Catholic church had been in the middle of a large renovation project, and had been making multiple payments to a construction company, and they knew that they had made all of their payments, but a little social engineering caused the Parish, Bob Stec, to believe that they had missed a payment. 

       Someone who knows a thing or two, can agree that even the most simple plans, like the one that cleaned this church's coffers, can be effective, for the final nail in the coffin is human error. 

       It is unknown as to whether the church will able to recover any losses, but that seems unlikely. 


       Original article can be found here.


                That was the news folks, have a good day, and stay safe out there.


        ----Mad-Architect 

       

           Huawei, the China based telecom giant, is again facing more difficulties in finding a niche in foreign markets, after Western Digital froze Huawei any current business dealings with the company until further notice. 

     This is a severe hit to Huawei, after a report from the company stated that they would likely sell 40 to 60 million less phones, due to US sanctions. Because of this, Huawei is facing difficulties getting a foothold in US markets and abroad, due to fears that their software/hardware could contain backdoors, or even malware.

     This all stems from different pieces of info that have come out recently regarding the company; one major piece being that they are mainly funded by the Chinese military and intelligence arm. This of course raised a lot of eyebrows in the international community, and has given more than one country enough reason to ban them or input heavy sanctions on them. 

     Because of this, Huawei may find it hard to acquire suppliers for most of its components. 


     Original article can be found here.


      That was the news folks, have a good day, and stay safe out there.


      ---Mad-Architect 

                 A UK based charity suffered a bit of embarrassment, when it was discovered that over 1000 emails were open for the public to view. Mermaids, the charity itself, is an organization that seeks to help transgender youngsters, this process happens between the charity and the parents of the children, with that said, a large chunk of the exposed data did pertain to personal details regarding the children.


        What had happened, as cases like this typically tend to go, the information was uploaded and was visible to anyone. When the charity was notified of the exposed info, the info was taken down. Mermaids has also assured people that none of their information was abused in any manner. 


        Original article can be found here.


                  That was the news folks, have a good week, and stay safe out there.



        ---Mad-Architect 

              New version of the Echobot Botnet has appeared, with a threat level similar to Mirai, and bringing 26 new exploits to utilize in breaching systems. This was discovered by a researcher from Akamai, who observed the new botnet in a honeypot system. 

       The new exploits have an advantage that puts the vendors at fault; as some of them are about ten years old, and were never patched by the vendors. The researcher form Akamai stated that attackers are no long using IoT vulnerabilities, but those in web and network devices. As a good number of them are still unpatched by the vendors, hence creating a unique opportunity for attackers to utilize them, or in this case, add them to a botnet. 


       Original article can be found here.


                 That was the news folks, have a good rest of the weekend, and stay safe out there.


        ---Mad-Architect