TRU Security

The Lazarus APT group is using job offers as a lure to infect people in their latest campaign. The threat actors are sending out messages that proport to contain a job offer from the Crypto.com financial exchange company.

Optus, a subsidiary of Singtel with over 10.5 million subscribers and Australia's second-largest mobile operator, has disclosed a security breach. Attackers claim to have obtained the data of 11 million customers, and have demanded $1 million in ransom. A small sample of the stolen data was initially published online.

A previously unknown threat actor named "Metador" has been breaching telecommunication companies, internet services providers (ISPs), and universities across multiple countries in the Middle East and Africa for about two years.

The infamous Hive ransomware gang has been busy lately. Just in the last week, they've claimed responsibility for four new victims.

An ongoing phishing campaign is abusing a feature from LinkedIn called Smart Links in order to bypass some security filters.

The Quantum and BlackCat ransomware gangs are now using the Emotet botnet to deploy their payloads. Emotet was first deployed as a banking trojan in 2014, and has since evolved into a network of compromised computers.

On June 22, 2022, CNCERT IoT Threat Research Team and NSFOCUS FuYingLab monitored a new botnet that was attacking IoT devices. Naming the threat ‘RapperBot,’ researchers found more than 5,000 compromised hosts, but no attack commands were spotted. In analyzing samples, cybersecurity analytics found similarities with Mirai Bot, whose source code has been leaked.