Here are this week’s highlights in cybersecurity:

  • UK police arrested a 17-year-old believed to be behind the Uber and Rockstar hacks.
  • A previously unknown APT dubbed ‘Metador’ has been hacking telcos, ISPs, and universities for two years. Their goals appear to be long-term persistence for espionage using a variety of custom malware.
  • A ransomware exfiltration tool might show a change in tactics, switching from encryption to data corruption. The exfiltrated data thus becomes the only way of recovery, while the need for complex ransomware software is eliminated.
  • Hackers are sharing the Brute Ratel C4 post-exploitation kit online on various forums. Some threat actors have switched to it, as Cobalt Strike is detected by more and more antivirus and EDR products.
  • Prilex, a Brazilian point-of-sale malware, was recently upgraded to execute EMV transactions. The malware can intercept a transaction, modify its content, capture the card information and request new EMV cryptograms from the victim’s card.
  • The North Korean hacking group ‘Lazarus’ is deploying a Windows rootkit by abusing a vulnerable Dell hardware driver in a Bring Your Own Vulnerable Driver attack.
