Welcome to the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly curated for you every week. This week's volume was curated by Secjuice writers Thunder-Son, Sinwindie, Muhammad Luqman, Prasanna, Mike Peterson and Miguel Calles.
Software AG Data Released After Clop Ransomware Strike
The Clop group attacked Software AG, a German conglomerate with operations in more than 70 countries, threatening to dump stolen data if the whopping $23 million ransom isn’t paid.
Microsoft Patches Critical, Wormable RCE Bug
There were 11 critical bugs and six that were unpatched but publicly known in this month’s regularly scheduled Microsoft updates and one of them is wormable.
20 ARRESTS IN QQAAZZ MULTI-MILLION CYBERCRIMINAL MONEY LAUNDERING CASE
An unprecedented international law enforcement operation involving 16 countries has resulted in the arrest of 20 individuals suspected of belonging to the QQAAZZ criminal network which attempted to launder tens of millions of euros on behalf of the world’s foremost cybercriminals.
GHunt OSINT Tool Sniffs Out Google Users’ Account Information Using Just Their Email Address
A new open source tool allows security teams to explore data created by Google accounts. GHunt lets individuals, or security experts, analyze a target’s Google “footprint” based just on an email.
Cybercriminals Gamble With Victims' Livelihoods To Pass the Covid-19 Blues
An interesting look at the online leisure activities of cybercriminals. Cybercriminals seem to favor certain types of online competitions, which have increased in frequency in 2020 as the pandemic progressed. These include online rap battles, poker tournaments, poem contests and in-person sport tournaments.
Fancy Bear Imposters Are on a Hacking Extortion Spree
Nice looking website you've got there. It'd be a shame if someone DDoS'd it.
Hackers Are Using A Severe Windows Bug To Backdoor Unpatched Servers
One of the most critical Windows vulnerabilities disclosed this year is under active attack by hackers who are trying to backdoor servers that store credentials for every user and administrative account on a network.
Robinhood Kicks Cybersecurity Month Off By Getting Hacked
Approximately 2,000 Robinhood accounts were accessed by hackers and looted during the week of October 5, according to Bloomberg1. Victims told Bloomberg that their trading accounts were hacked in spite of already having set up account protection.
Iranian State Hacker Group Linked To Ransomware Deployments
Security researchers said they found clues linking recent attacks with the Thanos ransomware to a group of Iranian state-sponsored hackers. While investigating incidents at several Israeli prominent organizations, security researchers said they linked the intrusions to MuddyWater, an Iranian state-sponsored hacking group