Cyber Security Today, Feb. 12, 2024 – US seizes a website selling the Warzone malware

Share post:

The U.S. seizes a website selling the Warzone malware.

Welcome to Cyber Security Today. It’s Monday, February 12th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

American authorities have seized a website and several domains that sold the Warzone remote access trojan to threat actors. The malware takes screenshots, records keystrokes, turns on computer video cameras and steals data. As part of the operation the U.S. also indicted individuals in Malta and Nigeria for alleged computer crimes. Both have been arrested. American authorities are trying to extradite the man in Malta for trial in the U.S. The U.S. credited Canada, Croatia, Finland, Germany, the Netherlands and Romania with helping in the takedown of the Warzone servers.

Cyber investigators in France are still looking into data breaches at two supplementary health insurance companies two weeks ago which saw the theft of data of more than 33 million people. That’s about half the country. The country’s privacy commission said data stolen on policyholders included people’s names, date of birth and their social security number. No banking or health data was stolen.

Separately, the France Info radio network reports that a ransomware attack forced a hospital in northern France to take its IT systems offline Sunday. It also had to temporarily close its emergency department.

Personal data on over 13 million Americans was stolen last spring from a company that provides medical transcription services to healthcare organizations. The company is Perry Johnson & Associates. Among its clients is Concentra Health Services, which has clinics across the U.S. Perry Johnson said the attacker accessed the IT system that held data on Concentra patients in April. Notification of the millions of victims started in November. We’re learning about it now because Perry Johnson filed a description of the data breach notification letters last week with Maine’s attorney general’s office.

Planet Home Lending, an American loan provider, has updated the number of victims involved in a data breach that took advantage of a Citrix vulnerability in its servers. Last month it said data on just under 200,000 customers was stolen in November. In an updated filing with Maine’s attorney general the company now says the number is almost 285,000 people.

A new backdoor targeting Mac computers has been discovered. Researchers at Bitdefender say the malware seems to impersonal an update for Microsoft Video Studio. So Mac users should be wary of emails or popups claiming to be a patch for this application. This malware may have been circulating since last November. Bitdefender suspects it may have been created by a ransomware gang.

The U.S. Federal Communications Commission won’t allow anyone in the U.S. to use artificial intelligence software to create voice-cloned automated phone calls. The regulator said last week calls recorded with AI-generated voices are forbidden on the Telephone Consumer Protection Act. Crooks are sending out robocalls that imitate the voices of celebrities and politicians for scams or misinformation. They are even using the technology to imitate family members for extortion. Not only will police go after crooks for robocalls for fraud, they will now be able to prosecute for illegal use of AI.

Last November news emerged that a Pennsylvania water authority’s water pressure regulating system was hacked by an Iranian threat group. The group planted a message on the system’s interface. The entry point was the system’s Unitronics internet-connected controller. As a result of that attack researchers at Censys did some internet scanning and found 149 internet-exposed Unitronics devices and services in the U.S. Interestingly, a number of them are honeypots. That is they are designed to lure hackers. However, Censys said many operators of the web control panels of Unitronics PLCs are still using the default password of 1111. Censys warns IT and OT administrators to a) make sure the default password is changed and b) that if these devices do have to be connected to the internet they should be protected by a VPN or firewall.

Want to start the day with more news? IT World Canada’s Jim Love has a daily general IT news podcast. It’s called Hashtag Trending. It can be found here or where Cyber Security Today is: on Apple Podcasts and Google Podcasts.

The post Cyber Security Today, Feb. 12, 2024 – US seizes a website selling the Warzone malware first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

Hashtag Trending Feb.21- LockBit website goes down; Microsoft takes on Nvidia; Online backlash against OpenAI

An international effort has brought down the notorious LockBit ransomware gang, Microsoft has developed its own tech to replace Nvidia and a huge backlash against OpenAI on social media.    All this and more on the “Jeez, you take one long weekend and the world explodes” edition of Hashtag Trending. I’m your host Jim Love,

Hashtag Trending Feb.21- LockBit website goes down; Microsoft takes on Nvidia; Online backlash against OpenAI

An international effort has brought down the notorious LockBit ransomware gang, Microsoft has developed its own tech to replace Nvidia and a huge backlash against OpenAI on social media.    All this and more on the “Jeez, you take one long weekend and the world explodes” edition of Hashtag Trending. I’m your host Jim Love,

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways