Here are this week’s highlights in cybersecurity:

  • Samsung confirmed a data breach that happened in July and was discovered in August. US servers were hacked to steal name, contact and demographic information, date of birth, and product registration information. More
  • Information stealer called Prynt Stealer contains a backdoor that exfiltrates a copy of the victim’s data to the developer. The malware is sold for $100/month or $700/year to other hackers and it’s based on open-source software. More
  • Worok, a recently discovered cyber-espionage group is hacking governments and high-profile companies in Asia & Africa since at least 2020 using custom and existing tools. According to researchers, the group is focused on stealing information. More
  • A cyberattack on InterContinental Hotels Group is disrupting booking systems. Although the announcement is not specific, the company says they’re “working to fully restore all systems”, which may indicate a ransomware attack. More
  • A law enforcement operation seized the website and domains for WT1SHOP, a criminal marketplace that allowed vendors to sell stolen login credentials and other PII, including driver’s licenses, passports, bank accounts and credit cards. As of June 2020, sellers had executed transactions worth $4 million. More
  • Iranian threat group tracked as Nemesis Kitten is abusing the Windows BitLocker to encrypt victims’ systems. More
  • US recovered $30 million out of the $620 stolen from Axie Infinity by North-Korean hackers, Lazarus. More

Don’t have time to check this page? You can get the news summary every week in your email inbox by subscribing to my newsletter.