AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 01/21/2022

FireEye & McAfee Enterprise Renamed as Trellix

The company created from the merger of security firms McAfee Enterprise and FireEye will be called Trellix, with an aim to become a force in the field of extended detection and response (XDR). In March 2021, Symphony Technology Group (STG) acquired the McAfee Enterprise business for $4 billion. A few months later, STG bought FireEye’s products business for $1.2 billion in a deal that separated FireEye’s network, email, endpoint, and cloud security products, and its related security management and orchestration platform, from Mandiant’s software and services. News that STG intended to combine the companies arrived last fall, when officials shared their plan to create an organization with 5,000 employees, more than 40,000 customers, and nearly $2 billion in revenue. Bryan Palma, former executive vice president for FireEye’s products business, was appointed CEO.


2FA compromise led to $34M Crypto.com hack

Crypto.com shared new details about a recent hack on its platform last weekend in a statement on its website today, saying 483 of its users were affected and that unauthorized withdrawals of over $15 million worth of ETH, $19 million worth of BTC, and $66,200 in “other currencies” occurred. The total losses, worth over $34 million at current cryptocurrency values, are even higher than what analysts had predicted before Crypto.com released its statement. The company’s post-mortem comes just one day after CEO Kris Marszalek acknowledged the breach in an interview with Bloomberg TV. His confirmation of the breach came after multiple Crypto.com users alleged their funds had been stolen — complaints that had until then been met with vague responses from the company, referring only to an “incident.” Marszalek did not share details on how the breach occurred during the interview, though he did confirm that Crypto.com had reimbursed all the impacted accounts.


Pirates Spammed an Infamous Soviet Short-wave Radio Station with Memes

Pirates hijacked an infamous short-wave radio station, which dates from the Soviet era but is still online today, and used it to broadcast everything from Gangnam Style to audio that draws memes when inspected under a spectrum analyzer. For decades the numbers station known as UVB-76 has emitted an enigmatic series of beeps and a voice reading numbers and names, in what people suspect is a long-running communications method for Russian intelligence. Since the broadcast is public, pirates are able to use their software-defined radio (SDR) transmitters to effectively flood the frequencies with noise and memes.


Jail for prolific romance fraudster who fleeced besotted lonely hearts

To his victims, he was “Tony Eden,” a middle-aged white man looking for romance online while working overseas for a drilling company. In reality, he was a school caretaker named Osagie Aigbonohan. Originally from Lagos, Nigeria, he was part of a criminal gang with links to the notorious “Black Axe” group. Southwark Crown Court in London sentenced 41-year-old Aigbonohan to 28 months in jail after hearing how he conned several women out of thousands of pounds and targeted hundreds more. As the UK’s National Crime Agency (NCA) describes, Aigbonohan used a fake name when meeting women on dating sites and befriending them. As the online relationships developed over many months, “Tony Eden” would tell a sob story about how a terrible accident at the drilling site had left people dead – and that he had run out of money to pay for the victims’ funerals. He claimed that he needed funds to hire new equipment while he waited for an insurance payout.


BBB Scam Alert: Lost pet? Watch out for this scam

You recently lost your pet, so you turn to social media to alert friends and neighbors. You create a public post – or even a group – to help spread the word. You share your phone number and other details, so people can easily reach you. A few days later, you get a text message from someone claiming to have found your lost dog or cat. You ask them to describe your pet and/or send a photo, but the conversation quickly takes a strange turn. The scammer will give excuses, such as being out of town or not having a working smartphone, for why they can’t snap a photo. Instead, the person will pressure you for money (or a gift card) to return your pet. Although you may be tempted to do anything to see your dog or cat returned safely, don’t pay up! The scammer doesn’t have your pet. They will just take the money and disappear. 


Google Drive starts warning users about suspicious files

“We will display a warning banner to help protect [users] and their organization from malware, phishing and ransomware. These warnings are already available when opening Google Docs, Sheets, Slides, and Drawings,” Google noted. Administrators and end users don’t have to do anything – the alerts will start appearing within 15 days. The introduction of Google’s new protective measure comes a week after Netskope’s January 2022 Cloud and Threat Report revealed that cloud-delivered malware is now more prevalent than web-delivered malware, and that Google Drive emerged as the app with the most malware downloads in 2021, taking over that spot from Microsoft OneDrive in 2020.

