Friday Squid Blogging: US Naval Ship Attacked by Squid in 1978 - Schneier on Security
Interesting story:
USS Stein was underway when her anti-submarine sonar gear suddenly stopped working. On returning to port and putting the ship in a drydock, engineers observed many deep scratches in the sonar dome’s rubber “NOFOUL” coating. In some areas, the coating was described as being shredded, with rips up to four feet long. Large claws were left embedded at the bottom of most of the scratches.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Ransomware hackers charged, infrastructure dismantled in international law enforcement operation
Europol said 300 servers and 650 domains were taken down worldwide, while about $3.5 million was seized during raids throughout the week as part of Operation Endgame.
Hacker steals $223 million in Cetus Protocol cryptocurrency heist
The decentralized exchange Cetus Protocol announced that hackers have stolen $223 million in cryptocurrency, and it is offering a deal to stop all legal action if the funds are returned.
Dozens of malicious packages on NPM collect host and network data
60 packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor.
FBI warns of Luna Moth extortion attacks targeting law firms
The FBI warned that an extortion gang known as the Silent Ransom Group has been targeting U.S. law firms over the last two years in callback phishing and social engineering attacks.
US, Europol arrest 270 dark web drug traffickers in Operation RapTor
U.S. and EU law enforcement seized more than $200 million and 144 kilograms of fentanyl or fentanyl-laced narcotics alongside 180 firearms as part of the international effort.
Law enforcement agencies in Europe and North America have dismantled major infrastructure used in ransomware attacks as part of Operation Endgame, disrupting initial access malware and issuing international arrest warrants against key suspects.
Talos analyzed six months of PowerShell network telemetry and found that rare domains are over three times more likely to be malicious compared to frequently contacted ones.
Phishing Campaigns: Taking the Pressure Off Employees | CSA
A tailored phishing campaign runs on personal information. Taking employees’ personal information out of circulation deprives attackers of a valuable resource.
Signal Blocks Windows Recall - Schneier on Security
This article gives a good rundown of the security risks of Windows Recall, and the repurposed copyright protection tool that Signal used to block the AI feature from scraping Signal data.
TikTok videos now push infostealer malware in ClickFix attacks
Cybercriminals are using TikTok videos to trick users into infecting themselves with Vidar and StealC information-stealing malware in ClickFix attacks.