Cisco to Pay Nearly $2 Billion to Centripetal Networks for Stealing Its Patents

John McAfee arrested in Spain on tax and evasion charges, Iranian threat actors are exploiting Zerologon in the wild, new jailbreak for Macs with T2 chip developed, Team Xecuter group leaders busted

Cisco to Pay $1.89 Billion After Judge Finds The Company Infringed Patents of Centripetal

Cisco Systems was ordered to pay $1.89 billion after a judge ruled that the networking giant infringed four patents belonging to cybersecurity company Centripetal Networks, which focuses on active defense technologies. Centripetal argued that after the two companies held meetings to discuss a partnership, Cisco infringed its patents relating to its Threat Intelligence Gateway network protection system under Title 35 of the United States Code. U.S. District Court Judge Henry Morgan agreed with Centripetal writing that the fact that Cisco released products with Centripetal’s functionality within a year of these meetings goes beyond mere coincidence. (Duncan Riley / SiliconANGLE)

Related: Motley FoolSan Jose Business NewschannelnewsTechmemeThe Register 

John McAfee Arrested in Spain, Faces Tax Evasion and Fraud Charges in the U.S.

Colorful antivirus pioneer and cryptocurrency enthusiast John McAfee was arrested in Spain and faces extradition to the U.S. over tax evasion and fraud. The SEC alleges that McAfee was paid more than $23.1 million worth of cryptocurrency assets for promoting several ICO token sales without disclosing that he was being paid to do so. They also allege that he willfully attempted to evade payment on income taxes owed to the government. (Lucas Matney / TechCrunch)

Related: Reuters: World NewsDark ReadingFinancial Times TechnologyThe IndependentStartups News | Tech NewsThe Mac ObserverEuro Weekly News Spain,  CyberscoopThe VergeCNN.comMercury NewsSiliconANGLEBusiness InsiderRT NewsEuro Weekly News Spain,  Graham CluleyCrowdfund Insider,  PYMNTS.comMashableSlashdotAssociated Press TechnologyJapan Today, Court Listener

Iranian State Actors Are Exploiting Zerologon Vulnerability in the Real World

Microsoft said that a group of Iranian state actors known as MERCURY or MuddyWater exploits the Zerologon vulnerability in the real world. Successful compromises of the vulnerability would allow attackers to take over the domain controllers of most enterprise networks. Mercury's most recent targets included "a high number of targets involved in work with refugees" and "network technology providers in the Middle East." (Catalin Cimpanu / ZDNet)

Related: Security News | Tech TimesZDNetBleeping Computer, Microsoft Security Intelligence

Boom Mobile’s U.S. Website is Skimming Credit Card Data

Boom! Mobile’s boom.us website is infected with payment card data skimming malware which sends the sensitive information to a server under the control of a criminal group researchers have dubbed Fullz House, researchers at Malwarebytes report. Security company Sucuri says that Boom.us is running PHP 5.6.40, a version that hasn’t been supported since January 2019 and has known security vulnerabilities. (Dan Goodin / Ars Technica)

Related: MalwarebytesBleeping Computer

New Technique Can Jailbreak Macs With Latest Line of T2 Security Chips

Top Apple security experts claim they can jailbreak Macs and MacBook devices that include Apple's latest line of T2 security chips by combining two exploits developed for jailbreaking iPhones. This technique can allow attackers to take over full control of the device. (Catalin Cimpanu / ZDNet)

Related: iPhone HacksAppleInsider

Second-Ever UEFI Bootkit Used in the Wild

The second-ever UEFI (Unified Extensible Firmware Interface) rootkit used in the wild, dubbed MosaicRegressor by Kaspersky researchers Mark Lechtik and Igor Kuznetsov who discovered it, has been used by Chinese-speaking hackers in data theft and espionage operations against diplomats and members of non-governmental organizations. MosaicRegressor is a custom version of Hacking Team's VectorEDK bootkit, leaked in 2015. Kasperksy was not able to determine the exact infection vector that allowed the attackers to overwrite the original UEFI firmware, which is the first operating system to boot up when a device is turned on. (Sergiu Gatlan / Bleeping Computer)

Related: isssource.comExtremeTechComputer Weekly,  Ars Technica, Infosecurity MagazineZDNet SecurityThreatpostSecurity AffairsSecurityWeekWired, The Register - Security

Facebook Offers More Details on SilentFade Ad Fraud Gang That Netted $4+ Million

At last week’s VB2020 conference, Facebook security team members offered more color on an ad-fraud cyberattack that occurred between late-2018 and February 2019 that netted the attackers more than $4 million by defrauding users. The gang behind the attack is known internally as SilentFade and uses a combination of a Windows trojan, browser injections, clever scripting, and a bug in the Facebook platform to pull off its thefts. (Catalin Cimpanu / ZDNet)

Related: HackReadCISO MAGCyber News Group

Two Leaders of Videogame Piracy Group Team Xecuter Arrested and Charged

Max Louarn, a French national, and Yuanning Chen, a Chinese national, two leaders of one of the world’s most notorious videogame piracy groups, Team Xecuter, have been arrested and are in custody facing charges filed in U.S. District Court in Seattle. The two men have been charged with 11 counts of wire fraud, conspiracy to commit wire fraud, and money laundering connected with Team Xecuter. (Joe Warminsky / Cyberscoop)

Related: HackReadExploit OneThreatpost, TorrentFreakHackRead, Justice.gov

Venture Funding News

Seattle, WA-based compliance automation start-up Strike Graph has raised $3.9 million in seed funding to automate security audits. Madrona Venture Group led the round with participation from Amplify.LA, Revolution’s Rise of the Rest Seed Fund and Green D Ventures. (FinSMEs)

Related: PYMNTS.comTMC NetEnterprise – TechCrunchGeekWire Original

Kids Get the Job Done

As part of Avast’s Be Safe Online project, a 12-year old Czech girl reported a scam app promoted on TikTok to the cybersecurity firm. The apps were available on Google Play Store as well as Apple’s app store. Avast says the apps were downloaded over 2.4 million times, through which their creators earned around $5,00,000. (Manik Berry / Fossbytes)

Related: Slashdot, CPO Magazine

Tweet of the Day

Photo by Viacheslav Bublyk on Unsplash