Afternoon Dessert - 2022-10-27

Welcome to another Afternoon Dessert breakout:

Ransomware: Open Source to the Rescue
Automobile, Energy, Media, Ransomware? When thinking about verticals, one may not instantly think of cyber-criminality. Yet, every move made by governments, clients, and private contractors screams toward normalizing those menaces as a new vertical. Ransomware has every trait of the classical economical vertical. A thriving ecosystem of insurers, negotiators, software providers, and managed

Fodcha DDoS botnet reaches 1Tbps in power, injects ransoms in packets
A new version of the Fodcha DDoS botnet has emerged, featuring ransom demands embedded in packets and new features to evade detection of its infrastructure. [...]

New York Post hacked with offensive headlines targeting politicians
New York Post confirmed today that it was hacked after its website and Twitter account were used by the attackers to publish offensive headlines and tweets targeting U.S. politicians. [...]

British Hacker Charged for Operating "The Real Deal" Dark Web Marketplace
A 34-year-old U.K. national has been arraigned in the U.S. for operating a dark web marketplace called The Real Deal that specialized in the sales of hacking tools and stolen login credentials. Daniel Kaye, who went by a litany of pseudonyms Popopret, Bestbuy, UserL0ser, and Spdrman, has been charged with five counts of access device fraud and one count of money laundering conspiracy. Kaye was

Researchers Expose Over 80 ShadowPad Malware C2 Servers
As many as 85 command-and-control (C2) servers have been discovered supported by the ShadowPad malware since September 2021, with infrastructure detected as recently as October 16, 2022. That's according to VMware's Threat Analysis Unit (TAU), which studied three ShadowPad variants using TCP, UDP, and HTTP(S) protocols for C2 communications. ShadowPad, seen as a successor to PlugX, is a modular

Online ticketing company “See” pwned for 2.5 years by attackers
Don't be a cybersecurity slowcoach - you need to spot possible attacks as soon as you can.

S3 Ep106: Facial recognition without consent – should it be banned?
Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!

Drinik Android malware now targets users of 18 Indian banks
A new version of the Drinik Android banking trojan targets 18 Indian banks, masquerading as the country's official tax management app to steal victims' personal information and banking credentials. [...]

Twilio discloses another hack from June, blames voice phishing
Cloud communications company Twilio disclosed a new data breach stemming from a June 2022 security incident where the same attackers behind the August hack accessed some customers' information. [...]

Australian Clinical Labs says patient data stolen in ransomware attack
Australian Clinical Labs (ACL) has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people. [...]