Check out our special report from today on the disturbing hacker intrusion of a water treatment plant and the subsequent foiled poisoning of a small Florida town’s water supply. And please think of subscribing to gain access to our archives and premium-only content - monthly costs are only $5 per month, and with enough subscribers, we can deliver even more and better content.

Working with the FBI and authorities in Australia, police in Ukraine arrested one person and carried out raids last week in connection with the author of a U-Admin, a software package used to administer what’s being called “one of the world’s largest phishing services.”

The main arrested is from the Ternopil region and purportedly developed a phishing package and special administrative panel for the product responsible for 50% of phishing attacks in Australia. (Brian Krebs / Krebs on Security)

Related: ZDNet, The Hacker News

CD Projekt Red, the maker of the popular video game Cyberpunk 2077, has been hit with a ransomware attack and says it will refuse to negotiate with the hackers.

The hackers claim to have copied code from Cyberpunk 2077, Gwent, and Witcher 3, including an unreleased version of the latter. “We have also dumped all of your documents relating to accounting, administration legal, HR, investor relations, and more!” the hacker’s ransomware note added. (Joe Tidy / BBC News)

Related: VentureBeat, Guru3D.com, Engadget, Bleeping Computer, The Verge, ZDNet

CD PROJEKT RED @CDPROJEKTRED

Important Update

February 9th 2021

7,799 Retweets42,732 Likes

Researchers at Malwarebytes say the Barcode Scanner app, made by LavaBird LTD, that appeared in the Google Play store for years and had been downloaded more than ten million times, became malware that served up ad pages without direct action by device owners.

The app was more than adware, however, with code added to layer on heavy obfuscation. (Joe Warminsky / Cyberscoop)

Related: Reddit - cybersecurity, SlashGear, ibtimes.sg: Top News, The Register, Malwarebytes, Dark Reading, Dark Reading, Android Police, Blogs | Zscaler, Blogs | Zscaler, Gizmodo, Bleeping Computer, HotHardware.com, HackRead, Ars Technica, Android Central

Follow Us on Twitter

Researchers at Check Point say that Iranian hacking group Domestic Kitten or APT-50 is running two online surveillance operations targeting 1,200 dissidents in Iran and twelve other countries.

The group uses novel techniques to install spyware on the targets’ phones, with 600 of the targeted individuals actively infected with the malware. (Gordon Corera / BBC News)

Related: Check Point Research, ZDNet, Security Affairs, Iran International, Security Affairs, Exploit One, SecurityWeek, Arab News, Slashdot, The Hacker News, Cyberscoop, Checkpoint

A new phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment.

A phishing email sent as part of this campaign includes JavaScript that maps letters and numbers to Morse code.  (Lawrence Abrams / Bleeping Computer)

Related: Techradar, IT Pro, Security Affairs, Reddit

@mikko @mikko

A malware attachement that uses MORSE CODE to bypass mail filters. reddit.com/r/sysadmin/com… Via @Sarkies_Proxy

February 6th 2021

594 Retweets1,931 Likes

vx-underground @vxunderground

We got our hands on the Morse Code encoded malware attachment! If you'd like to check it out for fun, or do your blue team stuff, you can download it here:

February 7th 2021

21 Retweets118 Likes

WordPress security company Wordfence said a patch was issued for a cross-site request forgery flaw in the NextGen Gallery WordPress plugin.

The plugin, which is installed on 800,000 WordPress websites, allows sites to upload photos in batch quantities, import metadata, and edit image thumbnails. (Lindsey O’Donnell / Threatpost)

Related: Bleeping Computer, Blog – Wordfence

Researchers at ESET report that there has been 768% growth in Remote Desktop Protocol (RDP) attacks over the course of 2020, given the rise of RDP use in work from home arrangements.

Sometimes the RDP has been misconfigured, which makes the attackers’ jobs easier. (Danny Palmer / ZDNet)

Related: DataBreaches.net, We Live Security

Get 50% off for 1 year

Personal information from patients and employees of Leon Medical Centers, which runs eight facilities in Florida, and Nocona General Hospital, which has three facilities in Texas, were exposed after hackers reportedly published tens of thousands of records online.

The compromised information includes patients’ names, addresses and birthdays, medical diagnoses and letters to insurers, and background checks on hospital staff. (Kevin Collier / NBC News)

Related: CISO MAG, Cybereason Blog, teiss, Infosecurity Magazine, SC Magazine

Microsoft will add a new security alert to Microsoft Defender's dashboard for Office 365 to alert companies when nation-state actors have targeted their employees.

The feature was added to the Microsoft 365 roadmap website. (Catalin Cimpanu / ZDNet)

Related: TechTarget, Slashdot

Google has launched the Open Source Vulnerabilities (OSV) website that provides access to a vulnerability database on open-source projects and help maintainers and consumers of open source projects.

The OSV aims to address issues around the triage of newly discovered bugs via automation. (Liam Tung / ZDNet)

Related: SecurityWeek, Help Net Security

Photo by Eugene Chystiakov on Unsplash