Afternoon Dessert - 2022-07-26

Welcome to another Afternoon Dessert breakout:

No More Ransom helps millions of ransomware victims in 6 years
The No More Ransom project celebrates its sixth anniversary today after helping millions of ransomware victims recover their files for free. [...]
Read more....

Hackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection
As many as 207 websites have been infected with malicious code designed to launch a cryptocurrency miner by leveraging WebAssembly (Wasm) on the browser. Web security company Sucuri, which published details of the campaign, said it launched an investigation after one of its clients had their computer slowed down significantly every time upon navigating to their own WordPress portal. This
Read more....

Using Account Lockout policies to block Windows Brute Force Attacks
A strong account lockout policy is one of the most effective tools for stopping brute force authentication attempts on Windows domains. Learn how to add one to your organization's Windows Active Directory. [...]
Read more....

U.S. doubles reward for tips on North Korean-backed hackers
The U.S. State Department has increased rewards paid to anyone providing information on any North Korean-sponsored threat groups' members to $10 million. [...]
Read more....

Hackers steal $6 million from blockchain music platform Audius
The decentralized music platform Audius was hacked over the weekend, with threat actors stealing over 18 million AUDIO tokens worth approximately $6 million. [...]
Read more....

T-Mobile to cough up $500 million over 2021 data breach
Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach.
Read more....

4 Steps Financial Industry Can Take to Cope With Their Growing Attack Surface
The financial services industry has always been at the forefront of technology adoption, but the 2020 pandemic accelerated the widespread of mobile banking apps, chat-based customer service, and other digital tools. Adobe's 2022 FIS Trends Report, for instance, found that more than half of the financial services and insurance firms surveyed experienced a notable increase in digital/mobile
Read more....

Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware
Cybersecurity researchers have reiterated similarities between the latest iteration of the LockBit ransomware and BlackMatter, a rebranded variant of the DarkSide ransomware strain that closed shop in November 2021. The new version of LockBit, called LockBit 3.0 aka LockBit Black, was released in June 2022, launching a brand new leak site and what's the very first ransomware bug bounty program,
Read more....

New Android malware apps installed 10 million times from Google Play
A new batch of malicious Android apps filled with adware and malware was found on the Google Play Store that have been installed close to 10 million times on mobile devices. [...]
Read more....

Microsoft: IIS extensions increasingly used as Exchange backdoors
Microsoft says attackers increasingly use malicious Internet Information Services (IIS) web server extensions to backdoor unpatched Exchange servers as they have lower detection rates compared to web shells. [...]
Read more....