Porch pirates appear to be accessing AT&T data to track iPhone deliveries
A new report today suggests that porch pirates – thieves who steal packages left on doorsteps shortly after delivery – have accessed tracking data from AT&T systems to follow iPhone deliveries. There has been a marked uptick in iPhones being stolen from doorsteps after being ordered from AT&T and delivered by FedEx, apparently with the help of real-time delivery updates.
Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charges
The Justice Department unsealed criminal charges today against Evgenii Ptitsyn, 42, a Russian national, for allegedly administering the sale, distribution, and operation of Phobos ransomware. Ptitsyn made his initial appearance in the U.S. District Court for the District of Maryland on Nov. 4 after being extradited from South Korea. Phobos ransomware, through its affiliates, victimized more than 1,000 public and private entities in the United States and around the world, and extorted ransom payments worth more than $16 million. “The Justice Department is committed to leveraging the full range of our international partnerships to combat the threats posed by ransomware like Phobos,” said Deputy Attorney General Lisa Monaco.
Germany and Finland investigate a severed data cable through the Baltic Sea
Germany and Finland expressed deep concern over the discovery Monday of a severed undersea data cable between the countries through the Baltic Sea, saying it raised suspicions of sabotage and that an investigation was underway. The foreign ministries of the two countries said in a joint statement that the damage comes at a time that “our European security is not only under threat from Russia’s war of aggression against Ukraine, but also from hybrid warfare by malicious actors.” The statement said the countries were investigating the incident, and that it was crucial that such “critical infrastructure” be safeguarded. “The fact that such an incident immediately raises suspicions of intentional damage speaks volumes about the volatility of our times,” the two countries said.
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. Bitwarden is a popular password manager app with a “free” tier featuring end-to-end encryption, cross-platform support, MFA integration, and a user-friendly interface. Its user base has been growing steadily in the past couple of years, especially following security breaches of competitors that led many to look for alternatives.
CISA Director Jen Easterly to depart agency on January 20
Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), will depart the government agency after more than three years at the helm. Both Easterly and the agency’s deputy director Nitin Natarajan will depart CISA on January 20 as the new Trump administration begins, according to NextGov, which first reported the departures, citing sources. CISA spokesperson Antonio Soliz confirmed the executive leadership departures in an email to TechCrunch. “All appointees of the Biden Administration will vacate their positions by the time the new Administration takes office at noon on January 20,” said Soliz.
You’re Invited: Rampant Phishing Abuses Eventbrite
With over 5 million events annually on Eventbrite, attackers have found a new, trusted entry point for phishing – now showing a 900% growth rate in attacks. Perception Point’s security researchers recently identified a mounting wave of phishing attacks, in which threat actors misuse Eventbrite’s services to steal financial or personal information. Within days, Perception Point has prevented thousands of these phishing emails, targeting both individuals and organizations worldwide across various industries – impersonating banks, airlines, postal services, energy companies, and more.