Google Caught Hackers Using a Mac Zero-Day Against Hong Kong Users

"The nature of the activity and targeting is consistent with a government backed actor," the Google researchers say.


Robinhood Hackers Accessed Internal Tool for Removing Account Security Features, Screenshots Show

Robinhood told Motherboard that based on its investigation, the hackers did not make changes to any customer accounts.


HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks - Microsoft Security Blog

HTML smuggling, a highly evasive malware delivery technique that leverages legitimate HTML5 and JavaScript features, is increasingly used in email campaigns that deploy banking malware, remote access Trojans (RATs), and other payloads related to targeted attacks.

Microsoft Security Blog

Executive Pleads Guilty in Internet Address Fraud Case

WASHINGTON-A technology executive pleaded guilty to federal wire-fraud charges on Tuesday, closing an obscure but potentially influential case that could shape future criminal prosecutions involving companies that provide bedrock internet services to customers. Amir Golestan entered a plea on behalf of himself and his company, Micfo, at the end of the second day of a trial in federal court in Charleston, S.C., according to court records.


Alleged FIN7 scammer Denys Iarmak is set to plead guilty - CyberScoop

An alleged member of the FIN7 hacking group is set to plead guilty, admitting to a role in a criminal organization that used front companies and array of fraud techniques to steal more than $1 billion from victims worldwide, CyberScoop has learned.


Emotet botnet returns after law enforcement mass-uninstall operation

The Emotet botnet is active again, ten months after Europol took down its command and control servers. Law enforcement also mass-uninstalled Emotet from infected computers on April 25, this year. New Emotet servers and malware samples have been seen on Sunday, November 14.

The Record by Recorded Future

Analyzing a watering hole campaign using macOS exploits

To protect our users, TAG routinely hunts for 0-day vulnerabilities exploited in-the-wild. In late August 2021, TAG discovered watering hole attacks targeting visitors to Hong Kong websites for a media outlet and a prominent pro-democracy labor and political group.


The Biggest Ransomware Bust Yet Might Actually Make an Impact

Europol also announced on Monday that Romanian law enforcement recently arrested two suspected REvil affiliates who allegedly perpetrated 5,000 ransomware attacks and extorted close to $600,000 from victims. Justice Department officials referenced this and other recent global law enforcement operations in their remarks on Monday.


A Whole-of-Government Approach to Combatting Ransomware: Examining DHS's Role | House Committee on Homeland Security

Witnesses Hon. Robert Silvers, Office of Strategy, Policy, and Plans U.S. Department of Homeland Security Mr. Brandon Wales, Executive Director, Cybersecurity and Infrastructure Security Agency, U.S. Department of Homeland Security Mr. Jeremy Sheridan, Assistant Director of Investigations, U.S. Secret Service, U.S. Department of Homeland Security Documents


Cyber agency beefing up disinformation, misinformation team

The Cybersecurity and Infrastructure Security Agency (CISA) is beefing up its disinformation and misinformation team in the wake of a divisive presidential election that saw a proliferation of misleading information online. "I am actually going to grow and strengthen my misinformation and disinformation team," CISA Director Jen Easterly said during virtual remarks at the RE:WIRED conference on Wednesday.


Massive Zero-Day Hole Found in Palo Alto Security Appliances

Researchers have developed a working exploit to gain remote code execution (RCE) via a massive vulnerability in a security appliance from Palo Alto Networks (PAN), potentially leaving more than 70,000 vulnerable firewalls with their goods exposed to the internet.