Presidents' Day Special Issue: Egregor Members Busted in Ukraine

Microsoft CEO says SolarWinds hack 'most sophisticated' the world has seen, Number of malicious web shells doubled since August, Joker's Stash founder retires with over $1 billion, much more


Members of the notorious ransomware-as-a-service (RaaS) Egregor ransomware cartel were arrested this week in Ukraine following a joint French-Ukrainian investigation, according to law enforcement sources. However, authorities have made no formal announcement.

Press reports suggest the arrested suspects provided hacking, logistical, and financial support for the Egregor gang. (Catalin Cimpanu / ZDNet)

Related: Reddit - cybersecurity, IT Wire, Bleeping Computer, TechDator

Speaking on a 60 Minutes segment devoted to the SolarWinds hack, Microsoft President Brad Smith branded the supply chain breach as “the largest and most sophisticated attack the world has ever seen.”

“When we analyzed everything that we saw at Microsoft, we asked ourselves how many engineers have probably worked on these attacks. And the answer we came to was, well, certainly more than 1000,” Smith said. (Bill Whitaker / CBS)

Related: Reuters

Microsoft said that the number of malicious web shells installed on web servers has almost doubled since its last count in August 2020.

The Redmond giant said it detected roughly 140,000 web shells per month between August 2020 and January 2021, up from the 77,000 average it reported last year. (Catalin Cimpanu / ZDNet)

Related: Security Affairs, Ars Technica, IT Pro, Bleeping Computer, Microsoft

Canadian Discount Car and Truck Rentals has been hit with a DarkSide ransomware attack where the hackers claim to have stolen 120GB of data.

As of Monday, February 15, the company’s website says it is still beset by technical issues and advises customers to call by phone. (Lawrence Abrams / Bleeping Computer)

Related: Reddit - cybersecurity, TechDator

Telegram fixed a security issue where self-destructing audio and video files were not being deleted from users' macOS devices as expected when users were using “Secret Chat” mode.

Security researcher Dhiraj Mishra said he discovered a vulnerability in the Secret Chat feature on Telegram 7.3 where self-destructing media were not deleted from recipients' devices. (Lawrence Abrams / Bleeping Computer)

Related: Security Affairs, Android Central, WCCFtech, The Next Web, The Hacker News, The Daily Swig, HOTforSecurity, Cyber Kendra

The U.S. Justice Department sentenced Ukrainian Aleksandr Musienko under a plea deal to an 87-month prison term and $98,751.64 in restitution for his role helping launder money for Eastern Europeans who hacked into U.S. bank accounts.

Musienko, who sometimes used the alias Robert Davis, “partnered with Eastern European computer hackers to obtain over $3 million from U.S. victims’ bank accounts and launder the stolen funds from U.S. bank accounts overseas,” the Justice Department said. (Joe Warminsky / Cyberscoop)

Related: News, 112.international, Justice.gov, Security Week

US cloud service provider Accellion has announced the end-of-life for its FTA product after the software has been abused in a spate of recent high-profile attacks.

The Reserve Bank of New Zealand, the Australian Securities and Investments Commission (ASIC), law firm Allens, the University of Colorado, the Washington State Auditor Office, the QIMR Berghofer Medical Research Institute, and Singtel were among the victims of the attacks. (Catalin Cimpanu / ZDNet)

Related: CISO MAG, DataBreachToday.com, Help Net Security

Australia’s information and privacy commissioner Angelene Falk ordered the country’s Department of Home Affairs to pay 1,300 detainees up to $20,000 each in compensation after their personal information was published online.

The Department was found to have interfered with the privacy of 9,251 people in detention when it mistakenly published their personal information online in 2014; 1,300 of them gave evidence of loss or damage in proceedings against the Department. (Jade Gailberger / NCA Newswire)

Related: iTnews - Security, The Mandarin, ZDNet Security, The Guardian

Russian internet and search company Yandex said that one of its system administrators had enabled unauthorized access to thousands of user mailboxes, which led to the compromise of almost 5,000 Yandex email inboxes.

Following this incident, Yandex said it would make changes to the administrative access procedure to increase user data security. (Ionut Ilascu / Bleeping Computer)

Related: Reddit - cybersecurity, The Hacker News, Bleeping Computer, DataBreaches.net, TechDator, Threatpost, Security Affairs, TechWorm, SecureReading, Exploit One, Cyber Kendra, DataBreachToday.com

Following a report by the Stanford Internet Observatory criticizing the hot new U.S.-based social media audio app Clubhouse for security flaws that left users' data vulnerable to access by the Chinese government, Clubhouse said it had identified areas where it needs to strengthen its security protections.

Even though Clubhouse is not making its app available in China, Chinese users have found workarounds to get it, leaving them vulnerable to punitive government actions if they discuss sensitive issues such as Xinjiang detention camps and Hong Kong's National Security Law. (Brenda Goh / Reuters)

Related: Tech Insider, Malay Mail, Stanford Internet Observatory, Economic Times, iPhone Hacks, AppleInsider, Gulf News Technology, Mashable


Researchers at mobile API protection company Approov tested 30 mobile health apps for clinicians and found that all of them had vulnerable APIs.

Out of the apps analyzed, 77 percent of them contained hardcoded API keys, allowing hackers to access information exchanges. All of them lacked certificate pinning, enabling man-in-the-middle attacks. (Becky Bracken / Threatpost)

Related: HealthITSecurity, Databreaches.net, PogoWasRight.org, Approov

According to cryptocurrency forensics firm Elliptic, the founder of one of the most popular carding marketplaces, Joker’s Stash, has retired, having amassed a fortune of over $1 billion.

As of today, February 15, the date on which Joker’s Stash said it would cease operations, the site had taken in a total of at least 60,000 bitcoins, worth $2.5 billion at today’s prices. (Tom Robinson / Elliptic)

Related: Security Affairs, Homeland Security

A World Economic Forum report says that cybercrime stands alongside COVID-19, climate change, and the debt crisis as one of the biggest threats facing society in the next decade.

The WEF’s Global Risks Report says that cyberattacks pose a more significant risk than terrorism and are potentially catastrophic in both the short and long term. (IT Governance)

Related: CSA.gov.sg, World Economic Forum

Real-life Soviet spy gadgets from the short-lived KGB Espionage Museum, including miniature cameras, microphones hidden in cigarette packs, pens, rings, and a poison-filled tooth, went on sale at Julien’s Auctions on February 13th.

Spy enthusiasts were also able to bid on Cold War relics, such as letters signed by Cuba’s communist revolutionary leader Fidel Castro. (Radio Free Europe / Radio Liberty)

Related: Art & Object, Wall Street Journal, Forbes
