Blog #Cybersecurity Trends

Microsoft has taken down 240 phishing websites and disrupted the ONNX phishing service, which it claims is operated by an Egyptian man named Abanoub Nady, also known as MRxC0DER.

The U.S. Department of Justice has taken down PopeyeTools, a major cybercriminal marketplace active since 2016, and arrested three alleged administrators.

Palo Alto Networks has released patches for two zero-day vulnerabilities exploited in "Operation Lunar Peek," a targeted cyberattack campaign. The critical vulnerability, CVE-2024-0012, is an authentication bypass flaw that allows unauthenticated attackers to gain administrative privileges via the PAN-OS management interface exposed to the internet.

The Cybersecurity and Infrastructure Security Agency (CISA) has introduced a new Venue Guide for Security Considerations to help venue operators enhance safety and implement effective security measures.

A recent Facebook malvertising campaign exploited Meta’s advertising platform to distribute malware disguised as a Bitwarden security update. Cybersecurity researchers at Bitdefender revealed that the campaign targeted business accounts, tricking users into installing malicious Chrome extensions.

In 2016, approximately 120,000 bitcoin, then worth $71 million, were stolen in a hack on the Bitfinex cryptocurrency exchange. By 2022, as the value of the stolen cryptocurrency soared to $4.5 billion, law enforcement arrested Ilya Lichtenstein and Heather Morgan for their involvement in the theft and laundering of the funds, recovering $3.6 billion at the time.

Ahold Delhaize, a leading food retailer, experienced a cybersecurity incident affecting its US brands, including Giant Food and Hannaford.

ShrinkLocker, discovered in May 2024, is a ransomware that uses older techniques like VBScript and built-in Windows features, making it simpler yet effective. Unlike modern ransomware that relies on complex encryption, ShrinkLocker modifies BitLocker configurations to encrypt drives, first checking if BitLocker is enabled and installing it if necessary.

Microsoft’s November 2024 Patch Tuesday update addresses 91 security vulnerabilities, including four zero-day flaws, with two actively exploited in the wild.

A self-described "data vigilante" known as Nam3L3ss has leaked nearly 8 million employee records from 27 major companies, including Amazon, 3M, HP, and Delta, exploiting the MOVEit vulnerability.

Halliburton, a major U.S. oilfield services provider, reported that expenses from a recent cybersecurity breach reached $35 million by September. The breach, disclosed on August 22, involved unauthorized access to some corporate systems, prompting an immediate investigation and partial shutdown to contain the damage.

In recent months, the U.S. has seen a rise in prison sentences for Nigerian cybercriminals, with some receiving lengthy terms. Babatunde Francis Ayeni, a Nigerian national extradited from the UK, was sentenced to 10 years for his involvement in a business email compromise (BEC) scheme targeting real estate transactions.