Security - Image by Ryan McGuire from PixabayThanksgiving last week led to a decline in vendor announcements, though there was a focus on cybersecurity over cyber week. The roundup includes stories from Avast, Checkpoint Software, and Europol. Andy Harris, CTO at Osirium, spoke with Enterprise Times about restoring trust in the idea of privileged access in a podcast.

Avast

Email dating scam discovered

Avast researchers have identified a growing email dating scam that tricks users into sending them money. The scam has existed in some capacity over the last 15 years but has evolved to avoid detection by spam filters. Avast detected and blocked 7,900 attacks in the first week, which ran from October 29th to November 4th, and in the following days, from November 5th to the 14th, Avast detected and blocked more than 70,000 attacks.

This scam appears as an email, usually with a PDF file attached. When a user opens the email, it often contains pictures of a woman, a message ‘from her’, and a link so the user can ‘talk to her’. A creative solution used by this campaign to bypass spam filters is to send a Google Class invitation with the same email content.

In either case, once the link is clicked, the email redirects to a website that asks for your email address and ends with asking the user to pay for a $39.99 subscription to talk to the “woman of your dreams”. People affected by this scam have reported that once they paid the subscription fee, they never received any message from the woman in the email.

Luis Corrons, Avast Security Evangelist, commented, “Scammers take advantage of human weaknesses, in this case of people hoping for an easy way to get in contact with women or even find a partnership. We may sometimes wonder how somebody would fall for a scam, but really, this can happen to anyone in a moment where one doesn’t pay attention.

“We advise people to be mindful at all times in the digital world, however, in order to help protect people, human-centric safety solutions are key so people will be warned in the first place.”

ViperSoftX

Avast researchers have published an in-depth analysis of ViperSoftX,  an information stealer primarily used to steal cryptocurrencies. Avast blocked more than 93,000 ViperSoftX infection attempts globally since January 2022. The top three countries in which Avast blocked ViperSoftX are India, the United States, and Italy, where Avast protected more than 7,000, 6,000 and 5,000 customers.

Jan Rubin, malware researcher at Avast, “We estimate the cybercriminals behind ViperSoftX stole more than $130,000 in cryptocurrencies, stealing Bitcoins, Ethereum, Dogecoins, Bitcoin Cach, Cosmos (ATOM), Tezos, and Dash.

“When people download cracked versions of software, they intend to save money, but all too often they end up losing money. Oftentimes, we see malware disguised as cracked software, and we recommend people to be wary of this and stick to the official software versions. In this case, instead of downloading the desired software, people download an executable file named ‘Activator.exe’ or ‘Patch.exe’, and upon execution, their computers become infected with the information stealer.”

Check Point Software

Check Point has launched the CyberUp program. The initiative will support Israel’s growing network of cybersecurity start-ups by opening up market opportunities with its established customers and providing access to potential investors. As well as guiding successful participants through the crucial stages of growth, CyberUp will give Check Point customers access to cutting-edge Israeli innovation. The first cohort includes:

Each member will participate in a 16-week program exposing the company to the cybersecurity market. It will include introductions to customers and insights from leading CISOs. An expert customer advisory board and bi-weekly meetings at the Check Point Innovation Centre guide the process. One innovative element of the program is the bi-weekly in-person briefings at Check Point’s Innovation Center.

Noa Zilberman created the CyberUp program. Zilberman joined Check Point from Odo Security, a cybersecurity start-up she co-founded. The program will not only act as an accelerator it will also support early-stage companies and the next generation of cyber engineers.

Zilberman commented: “Check Point has been instrumental in the success of many Israeli cyber start-ups. Some 40 companies have been founded by former employees, and almost everyone in the cyber space has crossed paths with Check Point at some stage.”

Europol

Europol launched an operation that arrested 44 individuals across 11 countries suspected of belonging to a high-risk criminal network considered one of the most dangerous in the European Union. The criminal network operated in Lithuania, Latvia, the Czech Republic, Poland, France, Germany and the Slovak Republic and was suspected of drug trafficking, money laundering and illegal enrichment, among others.

The criminal network was structured like a business, with different criminal groups and brokers working together across borders to control the whole chain of drug trafficking – from arranging huge shipments of drugs to distribution throughout Europe and beyond.

Jari Liukku, the Head of Europol’s Serious Organised Crime Centre, said: “Criminals are good at cooperating across borders – operations like this one today shows them law enforcement and judicial authorities can do just as well. The success of this operation shows how powerful and far-reaching our actions can be when we join forces to turn the tables on these high-risk criminals, regardless of where they are located.”

Judicial and law enforcement authorities in Europe, Australia, the United States, Ukraine, and Canada have taken down a website that allowed fraudsters to impersonate trusted corporations or contacts to access sensitive information from victims, a type of cybercrime known as ‘spoofing’. The website is believed to have caused an estimated worldwide loss in excess of GBP 100 million (EUR 115 million). In a coordinated action led by the United Kingdom and supported by Europol and Eurojust, 142 suspects have been arrested, including the main administrator of the website.

Europol’s Executive Director, Ms Catherine De Bolle, said: ”The arrests today send a message to cybercriminals that they can no longer hide behind perceived international anonymity. Europol coordinated the law enforcement community, enriched the information picture and brought criminal intelligence into ongoing operations to target the criminals wherever they are located.  Together with our international partners, we will continue to relentlessly push the envelope to bring criminals to justice.”

Security news from the week beginning 14th November 2022

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here