Here are this week’s highlights in cybersecurity:

  • Namecheap had their Sendgrid email account hacked on Sunday. Attackers sent MetaMask and DHL phishing emails that attempted to steal recipients’ information and cryptocurrency wallets. More
  • Spain’s National Police and the U.S. Secret Service dismantled a Madrid-based cybercrime gang with nine members who stole over €5 million from individuals and North American companies using online scams. More
  • Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack. The attacks were HTTP/2-based, targeted several websites and originated from over 30,000 IP addresses. More
  • Hyundai and KIA are rolling out a software update on several of their models without immobilisers to prevent them from being stolen via the method popularized as the “Kia challenge” on social media. More
  • Burton Snowboards are unable to process online orders following what it describes as a cyber security incident. The company is working with third-party specialists to investigate the incident and determine the full nature and scope. More
  • New Microsoft IIS malware called “Frebniis” establishes a backdoor by injecting code into the memory of a DLL file related to FREB, a feature used to analyze failed web page requests. This allows the malware to stealthily monitor all HTTP requests and recognize specially formatted HTTP requests sent by the attacker, allowing for remote code execution. More

Don’t have time to check this page? You can get the news summary every week in your email inbox by subscribing to my newsletter.