Microsoft force installs Windows 10 update to remove Flash Player
By
Microsoft is force installing a Windows 10 update that removes the embedded 32-bit version of Adobe Flash Player from the operating system.
In October, we reported that Microsoft had released the KB4577586 optional update to remove the embedded 32-bit Flash Player from Windows and prevent it from being installed again.
32-bit Flash shown in Windows 10 Control Panel
This update was only available from the Microsoft Catalog, and once installed, could no longer be removed. This update marks an end to embedded Flash in the Windows 10, Windows 8, and Windows Server operating systems.
US shares info on North Korean malware used to steal cryptocurrency
By
10:25 AM
The FBI, CISA, and US Department of Treasury shared detailed info on malicious and fake crypto-trading applications used by North Korean-backed state hackers to steal cryptocurrency from individuals and companies worldwide in a joint advisory published on Wednesday.
These cryptocurrency trading apps were developed and injected with AppleJeus malware by a DPRK state-sponsored threat actor known as Lazarus Group (tracked by the U.S. as HIDDEN COBRA). These cyber actors have targeted organizations for cryptocurrency theft in over 30 countries during the past year alone, the advisory reads.
US indicts North Korean hackers for stealing $1.3 billion
By
The U.S. Department of Justice has charged three North Koreans for stealing $1.3 billion in money and cryptocurrency in attacks on banks, the entertainment industry, cryptocurrency companies, and more.
The defendants are state-sponsored North Korean hackers and members of Reconnaissance General Bureau (RGB) units, a North Korean military intelligence agency that has engaged in criminal hacking operations. These North Korean military hacking units are known by multiple names in the cybersecurity community, including Lazarus Group and Advanced Persistent Threat 38 (APT38), the DOJ said.
According to DOJ, the three North Koreans have been participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks, to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications,
Pro-India hackers use Android spyware to spy on Pakistani military
By
12:12 PM
This week a report has revealed details on two Android spyware strains leveraged by state-sponsored threat actors during the India-Pakistan conflict.
The malware strains named
SunBird have been delivered as fake Android apps (APKs) by the
Confucius advanced persistent threat group (APT), a pro-India state-sponsored operation known to spy on Pakistani and South Asian targets, since at least 2013.
Although Confucius has created Windows malware in the past, the group has extended its capabilities to mobile malware since 2017 when the spying app ChatSpy came into existence.
The apps used by the group contain advanced capabilities including taking photos from the camera, requesting elevated privileges, scraping WhatsApp messages, and uploading all this information to the servers of the APT group.
The Week in Ransomware - February 12th 2021 - More keys released
By
This week we saw another ransomware shut down its operation and a significant attack against Cyberpunk 2077 game developer CD Projekt Red.
Another operation known as Ziggy Ransomware shut down this week and released the decryption keys for victims. This shut down was due to increased concern about law enforcement action after the disruption and arrests in the Netwalker Ransomware operation.