Security Flaw in Japanese 7-Eleven App Allows Attacks to Steal Over $500k from Customers
cyware.com - Author: Ryan Stewart - Date: July 5th, 2019
Popular supermarket chain 7-Eleven has become the latest victim in a cyber attack. Attackers banked on a security flaw in 7-Eleven’s 7pay and stole around ¥55 million. This was done by making fraudulent payments from 7pay accounts of around 900 Japanese customers. The flaw, which was a faulty password reset function, could allow anyone to access 7pay accounts with password resets. 7pay is a mobile payments app developed by 7-Eleven that was intended for its Japanese customers. It was launched on July 1, 2019.
New Phishing Campaign Targets Croatian Government Employees with Malware Payload
zdnet.com - Author: Catalin Cimpanu - Date: July 5th, 2019
A mysterious hacker group has targeted, and most likely infected, Croatian government employees between February and April this year. Attackers, which are suspected to be a state-sponsored unit, have targeted victims using a spear-phishing campaign that mimicked delivery notifications from the Croatian postal or other retail services. The document was laced with malicious code packed as a macro script which appeared to have been largely copied off the internet, from various tutorials or open source projects. The macro script, if enabled by the victim, would download and install malware on their systems. Two different sets of malware payloads were detected during these attacks.
FBI Issues Warning on Social Media Warning Teenagers about the Danger of Sending Private Images on the Internet
bleepingcomputer.com - Author: Sergiu Gatlan - Date: July 4th, 2019
The U.S. Federal Bureau of Investigation (FBI) issued a warning on Twitter regarding sextortion campaigns used by scammers to target young people from all over the United States. "The internet connects you with the world. Do you know who in the world is connecting with you? Sending one explicit image can start a scary cycle," says the FBI in a tweet shared on July 3. The scammers who operate sextortion campaigns that impact kids usually make use of a variety of channels to contact their young targets from social media and gaming platforms to video and dating chat apps.
DerpTrolling Has Been Sentenced to 27 Months in Prison
sandiegouniontribune.com - Author: Kristina Davis - Date: July 3rd, 2019
On Tuesday, the person behind the DerpTrolling, who took down Sony Online Entertainment’s servers, was sentenced in San Diego federal court to 27 months in prison. Austin Thompson was 18 when he waged the series of attacks between Dec. 19, 2013, and Jan. 6, 2014. While he specifically admitted to targeting Sony in his plea agreement, the DerpTrolling account took credit for also attacking gaming giant Electronic Arts and other sites. Thompson’s lawyer added that Thompson didn’t write the program that caused the attacks but was instead “a button pusher.” Assistant U.S. Attorney John Parmley agreed that there was no evidence that Thompson authored the software.
Alabama Fugitive Charged With Wildlife Offense For Feeding Meth to Pet ‘Attack Squirrel’
usatoday.com - Associated Press - Date: July 3rd, 2019
An Alabama man accused of feeding methamphetamine to what authorities called an "attack squirrel" is being charged with a state wildlife offense. Court records show 35-year-old Mickey Joel Paulk is now charged with illegal possession of wildlife.
Paulk hasn't denied having a pet squirrel, which is illegal under state law. But he has denied police allegations that he fed meth to the squirrel to make it aggressive.