Invaders Drop News: Scattered Spider Arrest, Pentagon Hacker, Telegram 0Day

More News:

  • Fraudulent DMCA Takedowns: An Indian company has been caught filing fake DMCA claims to suppress journalistic content, raising concerns about misuse of copyright laws to stifle free speech.

  • 7777 Botnet Origins: The 7777 (Quad7) botnet, previously suspected of APT connections, is now believed to be involved in Business Email Compromise (BEC) rather than advanced persistent threat (APT) activities.

  • Windows SmartScreen Bypass: Cybercriminals are exploiting a Windows SmartScreen vulnerability (CVE-2024-21412) to distribute various infostealers, emphasizing the need for prompt security updates.

  • Dutch Cybercrime Sentencing: A Dutch man received a three-year prison sentence for developing malicious software, stealing data, and possessing illegal firearms, with a substantial financial penalty.

  • Pentagon Hacker Case Dropped: A Kuwaiti court has dismissed charges against a man accused of hacking the Pentagon due to the statute of limitations.

  • Globes Cyberattack: Israeli newspaper Globes suffered a significant cyberattack, termed "economic terror," with the specifics of the attack still unclear.

  • Hamas Data Leak: A trove of data on Israeli Defense Force soldiers and their families, compiled by Hamas, has been discovered, raising security concerns.

  • Suffolk County Ransomware Attack: Suffolk County, NY, faces over $25 million in recovery costs from a ransomware attack linked to the AlphV group, which exploited the Log4Shell vulnerability.

  • LA Court Ransomware Attack: The Superior Court of Los Angeles County is offline due to a ransomware attack, coinciding with a global IT outage at CrowdStrike.

  • Scattered Spider Arrest: A 17-year-old from the UK has been arrested in connection with the Scattered Spider cybercrime syndicate, known for ransomware attacks.

Get the latest cyber news with the Invaders Drop news podcast, brought to you by Invaders Cybersecurity! Listen to our easy-to-understand audio updates. Just search for "Invaders Drop news" on your podcast app, subscribe now, and stay in the loop!

Cyber Criminal Chronicles

Fake DMCA Takedowns Exposed: Qurium researchers have published a report on an Indian company providing services to file fraudulent DMCA claims, targeting legitimate journalistic content to remove information exposing corruption and crime. This practice raises significant concerns about the misuse of copyright laws to suppress free speech and truthful reporting.

7777 Botnet's True Origins: Sekoia has analyzed the 7777 (Quad7) botnet, which has been conducting slow-paced brute-force attacks on Microsoft Azure infrastructure. Contrary to rumors linking it to APT groups, researchers believe it is associated with Business Email Compromise (BEC) activities.

Windows SmartScreen Bypass Exploited: Fortinet reports on campaigns exploiting a Windows SmartScreen bypass (CVE-2024-21412) to distribute infostealers like Meduza, Water Hydra, and Lumma Stealer. These attacks highlight the ongoing threats to Windows security and the importance of timely updates.

3 Years in Prison and €10,580.57 in Damages: A 26-year-old Dutch man has been sentenced to three years in prison, with one year of the sentence suspended, following a conviction for extensive cybercrime. The court's ruling includes a probation period of three years and a requirement for the suspect to pay €10,580.57 in damages to his victims. The individual was found guilty of developing a malicious application used for various cybercriminal activities, acquiring personal data and bitcoins unlawfully, and possessing a firearm and ammunition.

Pentagon Hacker Case Dropped: A Kuwaiti court has dropped charges against a man accused of hacking the Pentagon, citing the statute of limitations. The suspect was previously detained in London and extradited to Kuwait for crimes committed between 2010 and 2012.

Globes Cyberattack: Israeli newspaper Globes has reported a significant cyberattack that occurred last week, disrupting staff access to computers. The newspaper described it as an "economic terror attack" by an advanced international criminal group; the exact nature of the attack, whether data wiper or ransomware, remains unclear.

Hamas IDF Data Trove: A joint investigation by Austrian, German, and Israeli news outlets has uncovered a data trove compiled by Hamas, containing profiles of Israeli Defense Force soldiers and their families. The data, believed to have been accumulated over several years through various leaks and hacks, raises serious security concerns.

Suffolk County Ransomware Attack: Suffolk County, NY, is facing recovery costs exceeding $25 million from a ransomware attack attributed to the AlphV group, which compromised the county's systems via the Log4Shell vulnerability in September 2022. The attack leaked over 400 GB of data, affecting 1.5 million residents. Disputes have arisen over the total costs, with the former IT director suggesting the figures may be inflated.

LA Court Ransomware Attack: The Superior Court of Los Angeles County has been offline since last Friday due to a ransomware attack that impacted its internal servers and case management system. The court quickly detected the attack and mitigated most damage by shutting down affected systems. The timing coincided with the global CrowdStrike IT outage.

Scattered Spider Arrest: A 17-year-old from Walsall, UK, has been arrested on suspicion of involvement with the Scattered Spider cybercrime syndicate, known for targeting large organizations with ransomware and unauthorized network access.

FCC-TracPhone Settlement: The FCC has settled with TracPhone Wireless for $16 million over a data breach involving insecure APIs. The Verizon-owned carrier exposed sensitive customer information through unprotected APIs, leading to three security breaches between January 2021 and January 2023. The settlement requires TracPhone to enhance API security, provide security training for personnel, and undergo annual security assessments.

Oracle Privacy Lawsuit Settlement: Oracle has agreed to a $115 million settlement in a class-action lawsuit alleging violations of privacy laws. The plaintiffs claimed Oracle collected and sold personal data of hundreds of millions without consent, creating detailed digital profiles. The company recently shut down its advertising business due to significant profit losses.

Policy & Governance Perspectives

Russia to Ban Smartphones on Frontlines: The Russian government is drafting legislation to ban smartphones for soldiers on the frontline, citing concerns that location data from these devices could reveal troop movements. This move follows reports of Russia using such data to target Ukrainian soldiers.

Ofcom's Global Titles Consultation: UK telecom watchdog Ofcom has launched a public consultation on Global Titles, the addresses used to link mobile networks. These titles have been exploited by surveillance vendors to track smartphone locations. Ofcom is considering banning the leasing of these titles by telecom operators to enhance privacy.

DDoS Robot Dog: 404 Media reports that the DHS has acquired a robot dog capable of conducting DDoS attacks on IoT and smart devices within targeted areas. This new tool could disrupt internet-connected devices and infrastructure during operations.

FTC Investigates Surveillance Pricing: The FTC is investigating eight companies, including Accenture, Mastercard, and JPMorgan Chase, over "surveillance pricing" practices. This involves using personal financial data and browsing history to set variable prices for consumers, potentially leading to overcharging.

Threat Intelligence Reports

QR Codes and AI-Generated Phishing Threats: A new report from Recorded Future underscores the rising cybersecurity risks associated with QR codes combined with AI-generated phishing attacks. This evolving threat could jeopardize sensitive information and disrupt business operations. Understanding these risks and implementing effective mitigation strategies is crucial to staying ahead of cybercriminals.

Vulnerability Disclosure Digest

Telegram Zero-Day Fixed: Telegram has addressed a zero-day vulnerability in its Android app, which was previously advertised and sold on an underground hacking forum. This flaw allowed threat actors to deliver malicious payloads disguised as video files. Security firm ESET identified exploits in the wild used to deceive users into installing harmful video players. The issue was patched on July 11.

BIND Security Updates: Security updates have been released for the BIND DNS resolver to address four vulnerabilities. These patches are crucial for maintaining the security and stability of DNS services. The vulnerabilities include:

Advanced Cyber Threats

APT28 Exploits Rejetto Vulnerability: Russian cyber-espionage group APT28 (UAC-0063) has been exploiting a vulnerability in Rejetto file-sharing servers, targeting systems across Ukraine since June. The attacks followed a patch released in May. Although South Korean firm AhnLab detected the attacks in July, they did not initially link them to Russian hackers. CISA has added the vulnerability (CVE-2024-23692) to its KEV database. There are over 2.3 million Rejetto servers online.

Daggerfly's Multi-Platform Threats: Broadcom's Symantec has uncovered that the Chinese APT group Daggerfly (Evasive Panda) is employing a unified framework to develop threats across Windows, Linux, macOS, and Android platforms. This indicates a sophisticated approach to cyber-espionage.

Chinese Cybercrime Syndicate's Technology Suite: A sophisticated Chinese cybercrime syndicate involved in money laundering and human trafficking in Southeast Asia has been using an advanced "technology suite" to manage its operations. This suite, including Traffic Direction Systems (TDSs) and DNS services, supports the entire cybercrime process from infection to final user engagement.

Industry Cyber Solutions

Wiz Walks Away from Google Deal: Israeli cybersecurity startup Wiz has reportedly withdrawn from a $23 billion acquisition deal with Google, citing antitrust and investor concerns. The move means Wiz, a prominent cloud security firm, is now planning an IPO instead. Had the deal proceeded, it would have been Google's largest acquisition to date.