X-Industry

A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by using obfuscated JavaScript to slip past security defenses. The campaign's impact has targeted various industries, with manufacturing companies, retail firms, and government agencies being the most affected. Malicious emails often impersonate official tax documents, using the urgency of personal income tax filings to trick users into downloading the malware.

See:  https://r

The US Department of Justice (DOJ) on 24 April 2024 announced the arrest of two co-founders of a cryptocurrency mixer called Samourai. It seized the service for allegedly facilitating over $2 billion in illegal transactions and laundering more than $100 million in criminal proceeds.  Keonne Rodriguez, 35, and William Lonergan Hill, 65, have been charged with conspiracy to commit money laundering and conspiracy to operate an unlicensed money-transmitting business from 2015 through February 2024.

Network credentials and virtual private network (VPN) access for colleges and universities based in the US are being advertised for sale on underground and public criminal marketplaces. "This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber-attacks against individual users or affiliated organizations," the US Federal Bureau of Investigation (FBI) said in an advisory published last week.  See:  https://www.ic3.gov