Blog #Cybersecurity Trends

A recent Facebook malvertising campaign exploited Meta’s advertising platform to distribute malware disguised as a Bitwarden security update. Cybersecurity researchers at Bitdefender revealed that the campaign targeted business accounts, tricking users into installing malicious Chrome extensions.

In 2016, approximately 120,000 bitcoin, then worth $71 million, were stolen in a hack on the Bitfinex cryptocurrency exchange. By 2022, as the value of the stolen cryptocurrency soared to $4.5 billion, law enforcement arrested Ilya Lichtenstein and Heather Morgan for their involvement in the theft and laundering of the funds, recovering $3.6 billion at the time.

Ahold Delhaize, a leading food retailer, experienced a cybersecurity incident affecting its US brands, including Giant Food and Hannaford.

ShrinkLocker, discovered in May 2024, is a ransomware that uses older techniques like VBScript and built-in Windows features, making it simpler yet effective. Unlike modern ransomware that relies on complex encryption, ShrinkLocker modifies BitLocker configurations to encrypt drives, first checking if BitLocker is enabled and installing it if necessary.

Microsoft’s November 2024 Patch Tuesday update addresses 91 security vulnerabilities, including four zero-day flaws, with two actively exploited in the wild.

A self-described "data vigilante" known as Nam3L3ss has leaked nearly 8 million employee records from 27 major companies, including Amazon, 3M, HP, and Delta, exploiting the MOVEit vulnerability.

Halliburton, a major U.S. oilfield services provider, reported that expenses from a recent cybersecurity breach reached $35 million by September. The breach, disclosed on August 22, involved unauthorized access to some corporate systems, prompting an immediate investigation and partial shutdown to contain the damage.

In recent months, the U.S. has seen a rise in prison sentences for Nigerian cybercriminals, with some receiving lengthy terms. Babatunde Francis Ayeni, a Nigerian national extradited from the UK, was sentenced to 10 years for his involvement in a business email compromise (BEC) scheme targeting real estate transactions.

Google announced patches for over 40 vulnerabilities as part of Android’s November 2024 security update, including two flaws that have been actively exploited. The first, tracked as CVE-2024-43047, was disclosed last month after evidence of in-the-wild exploitation was found by Amnesty International and Google’s Threat Analysis Group (TAG).

Newpark Resources, a Texas-based oilfield supplier, recently reported a ransomware attack that impacted its information systems and business applications. The company detected the breach on October 29 and responded by initiating a cybersecurity response plan.

Cybersecurity researchers at Socket Security have discovered a malicious Python package called "Fabrice" on PyPI, which has been covertly stealing AWS credentials from developers for three years.

The Androxgh0st botnet, which initially targeted web servers, has evolved by integrating components from the Mozi botnet, a notorious malware that primarily infects IoT devices. According to CloudSEK researchers, this integration allows Androxgh0st to expand its reach, leveraging Mozi’s payloads and propagation mechanisms to infect a wider array of IoT devices.