Cybersecurity News – May 27, 2022

Up to 83% of known compromised passwords would satisfy regulatory requirements

On Tuesday, Specops, a provider of password management and authentication solutions, released findings from its latest research of over 800 million known compromised passwords. The findings showed that up to 83% of passwords that appear in compromised password databases would satisfy regulatory password standards. The passwords were compared to the regulatory standard rules of NIST, HIPAA, PCI, GDPR and the UK’s National Cyber Security Centre. The full report is available at specopssoft.com.

(Specops)

Broadcom confirms deal to acquire VMware

Following up on a story we brought you on Tuesday, chipmaker Broadcom has ended days of speculation about its plans to acquire VMware by confirming it is on course to purchase the virtualization and multicloud software firm for $61bn. In a statement outlining the terms and conditions of the deal, the company said the Broadcom Software Group will be renamed VMware, and their software portfolios will effectively be merged.

(Computer Weekly)

Experts warn of rise in ChromeLoader malware hijacking users’ browsers

A malvertising threat is witnessing a new surge in activity since its emergence earlier this year. Dubbed ChromeLoader, the malware is a “pervasive and persistent browser hijacker that modifies its victims’ browser settings and redirects user traffic to advertisement websites,” Aedan Russell of Red Canary said in a new report. ChromeLoader is a rogue Chrome browser extension and is typically distributed in the form of ISO files via pay-per-install sites and baited social media posts that advertise QR codes to cracked video games and pirated movies.

(The Hacker News)

Google shut down caching servers at two Russian ISPs

Two Russian internet service providers (ISPs) have received notices from Google that the global caching servers on their network have been disabled. A caching server is an ISP-bound node for serving Google content faster to internet subscribers and maintaining high access reliability even during outages. The caching is most important for popular YouTube content that ISPs can store on servers and load quicker, giving their subscribers a better connection experience. Russian news outlets attempted to confirm which entities have been affected by this sudden move and verified that Radiosvyaz (Focus Life) and МФТИ-Телеком (MIPT Telecom) are currently affected by Google’s decision.

(Bleeping Computer)

New ERMAC 2.0 Android malware steals accounts, wallets from 467 apps

The ERMAC Android banking trojan has released version 2.0, increasing the number of applications targeted from 378 to 467, covering a much wider range of apps to steal account credentials and crypto wallets. The goal of the trojan is to send stolen login credentials to threat actors, who then use them to take control of other people’s banking and cryptocurrency accounts and conduct financial or other forms of fraud. ERMAC is currently sold to members of darknet sites at a subscription rate of $5,000 per month, which is $2k over the price tag of the first version, reflecting the upgrade in features and its popularity.

(Bleeping Computer)

Users of Tails OS warned away until Tor browser flaw is fixed

The maintainers of the Tails project (The Amnesic Incognito Live System) warn users that the Tor Browser bundled with the OS could expose their sensitive information. Tails is a security and privacy-oriented Linux distribution, with a portable operating system that protects against surveillance and censorship. The root cause of the alert is two critical zero-day issues in the Firefox browser, tracked as CVE-2022-1802 and CVE-2022-1529, that were addressed by Mozilla in May. The vulnerabilities were reported by Manfred Paul during the Pwn2Own 2022 hacking contest that took place in Vancouver last week.

(Security Affairs)

Hotels using NFTs to create a StubHub for lodging reservations

To avoid getting stuck with excess inventory when guests cancel at the last minute, some hotel owners are now converting room nights for sale into nonfungible tokens (NFTs) that can be bought or sold by hotel guests, similar to the StubHub market for concert and sporting event tickets. Owners say this ensures they get paid for the rooms because guests would sell their reservation in the market if they decide not to go, and that it would appeal to the crypto-enthusiastic traveler who might not want to book through traditional means. By using this system, guests can apparently book a room at a discount to what the hotel would charge for a refundable reservation.

(Wall Street Journal)

Suspected phishing email crime boss cuffed in Nigeria

Interpol and police in Africa have arrested a Nigerian man suspected of running a multi-continent cybercrime ring that specialized in business email compromise. The 37-year-old’s detention is part of a year-long, counter-BEC initiative code-named Operation Delilah that involved international law enforcement, and started with intelligence from cybersecurity companies Group-IB, Palo Alto Networks Unit 42, and Trend Micro. According to the organizations involved, Op Delilah, which began in May 2021, is another success story coming out of Interpol’s Cyber Fusion Center, a public-private initiative between law enforcement and industry analysts based in Singapore.

(The Register)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.