Ubiquiti Cops To Extortion Attempt but Is Mum on Other Whistleblower Claims
Krebs says concerns are overblown when it comes to national cyber director delay, Reserve Bank demands forensic audit for Mobikwik, DeepDotWeb founder pleads guilty, much more
Wishing all of our readers a happy Easter and Holi and an easy Passover. Thank you for reading Metacurity!
Networking equipment and IoT device vendor Ubiquiti Networks confirmed some of the details exposed earlier this week by a whistleblower related to a 2020 data breach, including an extortion attempt made against the company by a hacker.
But Ubiquiti denied that hackers had stolen any customer information in the broad intrusion. The company was further silent on other whistleblower claims, including allegations that the company had no logging system in place and wouldn’t even be able to determine what the hacker accessed. Ubiquiti was also silent on the allegation that hackers might have stolen certificates and files that could allow them to access Ubiquiti customer devices. (Catalin Cimpanu / The Record)
The Reserve Bank of India has asked troubled digital wallet firm Mobikwik to get a forensic audit done without delay following serious data breach reports surrounding the company.
On Tuesday, a group of hackers said that they had accessed personal and financial data of nearly 10 crore, or around 100 million, Mobikwik customers. (Press Trust of India)
Researchers at FireEye Mandiant say that a previously unknown persistence mechanism allowed adversaries to use Background Intelligent Transfer Service (BITS) to stealthily launch malicious payloads on Windows machines.
To help with incident response and forensic investigations, the researchers have also made available a Python utility called BitsParser to parse BITS database files and extract job and file information for additional analysis. (Ravie Lakshmanan / The Hacker News)
Brazil resident Tal Prihar pleaded guilty in a US court to conspiracy to commit money laundering after charging millions of dollars to connect internet users to dark web marketplaces.
Prihar owned and operated DeepDotWeb along with his co-defendant and fellow Israeli national, 34-year-old Michael Phan. Prihar faces a maximum prison term of 20 years. (Sarah Coble / Infosecurity Magazine)
VMware has addressed a critical vulnerability, tracked as CVE-2021-21982, in the VMware Carbon Black Cloud Workload appliance that could allow attackers to bypass authentication after exploiting vulnerable servers.
The flaw can allow attackers to manipulate an administrative interface URL to obtain valid authentication tokens. (Sergiu Gatlan / Bleeping Computer)
Apple has begun to reject apps created with third-party SDKs integrating data collection that can lead to device fingerprinting.
Apple has been telling the rejected app owners that their apps “algorithmically converted device and usage data to create a unique identifier to track the user.” (John Koetsier / Forbes)
Citing privacy and security reasons, Google will restrict Android apps from seeing what other applications are installed on the same device.
After May 5, Android app developers won’t be able to upload new apps on the Play Store that target Android 11 (API level 30) or later and that use the “QUERY_ALL_PACKAGES” permission. (Catalin Cimpanu / The Record)
The former chief of DHS’s Cybersecurity and Infrastructure Security Agency, Chris Krebs, has pushed back on lawmakers’ increasingly urgent demand that the White House name a national cybersecurity director (NCD).
In a series of tweets, Krebs said that he believes Anne Neuberger's appointment as Deputy NatSec Advisor to the President has already addressed many of the concerns that prompted the creation of the NCD. (Justin Katz / FCW)
Related: Government CIO Media
The computer system of Broward County Schools, one of the nation’s largest school districts and the second-largest school district in Florida, was hacked by a criminal gang that encrypted district data and demanded $40 million in ransom.
Although the school system says it now has no intention to pay the ransom, it did, after two weeks of back and forth, offer to pay $500,000, at which point the ransomware criminals apparently ended negotiations. (Terry Spencer and Frank Bajak / Associated Press)
Italian premium menswear brand Boggi Milano has been hit with a ransomware attack. The hackers reportedly stole about 40 gigabytes of corporate data, including human resource files such as salary information.
The Ragnarok group of actors provided Bloomberg with access to documents indicating that it is behind the breach. (Daniel Lepido / Bloomberg)
Cybersecurity standards and framework conformance start-up Kintent said it had raised $4 million in a seed funding round.
Tola Capital led the round with help from a bunch of tech industry angel investors. (Ron Miller / TechCrunch)