AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 7/24/2024

Fake CrowdStrike repair manual pushes new infostealer malware

CrowdStrike is warning that a fake recovery manual to repair Windows devices is installing a new information-stealing malware called Daolpu. Since Friday, when the buggy CrowdStrike Falcon update caused global IT outages, threat actors have quickly begun to capitalize on the news to deliver malware through fake fixes. A new campaign conducted through phishing emails pretends to be instructions on using a new Recovery Tool that fixes Windows devices impacted by the recent CrowdStrike Falcon crashes.

Verizon to pay $16 million in TracFone data breach settlement

Verizon Communications has agreed to pay a $16,000,000 settlement with the Federal Communications Commission (FCC) in the U.S. concerning three data breach incidents at its wholly-owned subsidiary, TracFone Wireless, suffered after its acquisition in 2021. TracFone is a telecommunications service provider offering services through Total by Verizon Wireless, Straight Talk, and Walmart Family Mobile, among others. Apart from the hefty civil penalty, the announced settlement agreement requires the communications firm to implement specific measures to increase the level of data security for its customers going forward.

Are you being exploited by AI-powered surveillance pricing?

Nearly a decade ago, Uber revealed that customers are more willing to pay surge prices when their phones are about to die. That data point sparked a pervasive belief that Uber and other ridehailing apps use algorithms to tailor each passenger’s price to their behavior and willingness to pay, a practice known as “surveillance pricing.” A related myth, that  to jack up prices for flights you’re interested in, is similarly ubiquitous even though it’s not true. Surveillance pricing may not be widespread yet, but experts say it’s on the horizon, and consultants are starting to offer surveillance pricing models to businesses across various industries. The Federal Trade Commission announced today that it’s ordering eight companies that offer AI surveillance pricing products and services to turn over information about the impact these pricing schemes have on privacy, competition, and consumer protection.

Heritage Foundation data breach containing personal data is available online

The Heritage Foundation this month denied that it had suffered an earlier system breach and the subsequent leaking of internal data. But the organization had to admit that cybercriminals gained access to an archive of Heritage’s affiliated media site, The Daily Signal, dating back to 2022. That archive reportedly contained the personal information of Heritage and non-Heritage contributors. Either way, a Malwarebytes review of the data shows over half a million usernames and passwords. At the heart of the back-and-forth claims is an alleged breach of the Heritage Foundation that SiegedSec, a politically motivated group, claimed to have carried out on July 2, 2024.

How a North Korean Fake IT Worker Tried to Infiltrate Us

KnowBe4 needed a software engineer for our internal IT AI team. We posted the job, received resumes, conducted interviews, performed background checks, verified references, and hired the person. We sent them their Mac workstation, and the moment it was received, it immediately started to load malware. The EDR software detected it and alerted our InfoSec Security Operations Center. The SOC called the new hire and asked if they could help. That’s when it got dodgy fast. We shared the collected data with Mandiant, a leading global cybersecurity expert, and the FBI, to corroborate our initial findings. It turns out this was a fake IT worker from North Korea. The picture you see is an AI deepfake that started out with stock photography (below).

Phish-Friendly Domain Registry “.top” Put on Notice

The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the second most common suffix in phishing websites over the past year, behind only domains ending in “.com.” On July 16, the Internet Corporation for Assigned Names and Numbers (ICANN) sent a letter to the owners of the .top domain registry. ICANN has filed hundreds of enforcement actions against domain registrars over the years, but this is thought to be the first in which ICANN has singled out a domain registry responsible for maintaining an entire top-level domain (TLD).