Cybersecurity agencies in the U.S. and Canada warned Thursday that threat actors are using new TrueBot malware variants to steal data from victims. In an advisory co-written by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS), the organizations said that as recently as May 31 they observed a surge in financially motivated TrueBot activity.
Shell, the multinational oil and gas company, has confirmed that it is the victim of a MOVEit hack, revealing that personal information regarding its employees was compromised. According to a July 5 statement: “A cybersecurity incident has impacted a third-party software from Progress called MOVEit Transfer, which was running on a Shell IT platform. MOVEit Transfer is used by a small number of Shell employees and customers. This was not a ransomware event. There is no evidence of impact to any other Shell IT systems. Our IT teams are investigating. Some personal information relating to employees of the BG Group has been accessed without authorization.”
A week ago, most people hadn’t even heard of Threads, Meta’s new Twitter rival. Fast-forward to now and Threads is the most rapidly downloaded app ever, having reached 30 million users just 16 hours after launch. Threads collects a lot of data. According to the privacy label, which I sourced from Apple’s App store, data linked to you includes your location, health and fitness information, browsing history, “sensitive information” and search history. This also includes your contact information such as physical address, email and phone number.
The usage of platforms like Cash App, Zelle, and Venmo for peer-to-peer payments has experienced a significant surge, with scams increasing by over 58%. Additionally, there has been a corresponding rise of 44% in scams stemming from the theft of personal documents, according to IDIQ. The report also highlights the rise of AI voice scams as a significant trend in 2023. AI voice technology enables scammers to create remarkably realistic voices and convincingly imitate family members, friends and other trusted individuals. “AI voice cloning scams are the scariest thing I have seen in the last 20 years,” said Scott Hermann, CEO of IDIQ and a cybersecurity and financial expert.