Risky Biz News: Cisco zero-day fun time is here!

Released Thursday, 25th April 2024

Episode Transcript

0:04

Cisco patches two zero days used

0:06

by a state-backed group. The

0:09

PlugX USB worm has infected two and

0:11

a half million devices. Hackers

0:13

leak the source code of El Salvador's

0:15

crypto wallet service. And the

0:18

US takes down another crypto mixing service.

0:21

This is Risky Business News prepared by

0:23

Catalin Cimpanu and read by me, Patrick

0:25

Gray. And I'm filling in for Claire

0:27

Aird. Today is April 26th

0:30

and this podcast episode is brought to

0:32

you by Trail of Bits. Cisco

0:35

has released patches for two zero-day

0:37

vulnerabilities in its ASA firewalls. The

0:40

company says the bugs have been used in

0:43

the wild since early January by a suspected

0:45

state-backed actor. They were

0:47

exploited as part of a wider

0:49

cyber espionage campaign targeting devices from

0:51

other vendors and Microsoft Exchange email

0:53

servers. The campaign targeted

0:56

government networks across the globe. Cisco

0:59

and cybersecurity agencies from the Five

1:01

Eyes countries have released security advisories

1:03

on how to secure and investigate

1:06

ASA devices. The company

1:08

has not linked the attackers to

1:10

any specific foreign adversary. US

1:14

authorities and Europol have taken

1:16

down cryptocurrency mixing service Samourai

1:18

Wallet. The service allegedly

1:20

helped criminals launder more than $100 million

1:23

worth of assets from hacks, phishing

1:25

operations and illegal dark web markets.

1:28

The site's two founders were arrested in

1:30

Portugal and the United States. Authorities

1:34

say the two founders invited users to launder

1:36

funds through their site on social media. They

1:39

also taunted law enforcement about their

1:41

activities. In the aftermath of

1:43

the takedown, the FBI also warned Americans

1:46

not to use these types of services.

1:48

The Bureau says users risk losing

1:50

access to their funds when takedowns

1:52

happen. French

1:55

security firm Sekoia has sinkholed one of

1:57

the command and control servers used by

1:59

the PlugX USB worm. Almost

2:01

one hundred thousand infected devices are

2:03

still checking the server for instructions

2:05

on a daily basis. The company

2:07

says that over a period of

2:10

six months it saw more than

2:12

two point five million unique devices

2:14

contact the server. Sekoia says the malware

2:16

supports the remote uninstall option.

2:19

The company has offered to help national

2:21

CERT teams perform what it has

2:23

described as a sovereign disinfection of

2:25

each country's IP space. A

2:28

hacker has leaked the source code of

2:30

Chivo Wallet, the official state cryptocurrency

2:32

wallet and ATM platform in El

2:35

Salvador. This leak is

2:37

the latest in a long list

2:39

of hacks in El Salvador by

2:41

the group CiberInteligenciaSV. The

2:43

same hackers previously leaked the

2:45

personal data of five point one

2:47

million Salvadorans. That leak accounted for

2:49

most of the country's adult population.

2:53

Smartphone maker Nothing has confirmed a security

2:55

breach of its online community forum. The

2:57

breach took place in 2022,

3:00

but came to light this week after

3:02

some Nothing customers spotted their data online.

3:04

The company says the breach took place

3:07

after a threat actor exploited a bug

3:09

in its forum to collect user data

3:11

such as names and emails. Nothing says

3:14

that only two thousand users were impacted

3:16

and that no passwords were exposed in

3:18

the hack. Qurium

3:21

researchers have linked recent

3:23

DDoS attacks against Russian independent media

3:25

outlet Meduza to the infrastructure of

3:27

three residential proxy providers. The

3:30

most recent of the attacks took

3:32

place on April 15 and lasted

3:34

forty eight hours. The attacks were

3:37

linked to Plainproxies, Min Proxy,

3:39

and RapidSeedbox. Qurium says

3:41

the same providers were also behind

3:44

coordinated DDoS attacks on independent

3:46

Hungarian news sites last year. A

3:50

Florida court has sentenced a sixty year

3:52

old man to four years in prison

3:54

for helping a BEC gang launder

3:56

its stolen money. Niselio Barros

3:59

Garcia Jr. laundered more than two

4:01

point three million dollars for a

4:03

Nigerian gang involved in BEC and

4:05

romance scams. Officials say Garcia converted

4:07

stolen funds to Bitcoin and sent

4:10

the funds to his co-conspirators in

4:12

Nigeria. Czech

4:14

and Ukrainian law enforcement have

4:16

disrupted a criminal call center in

4:18

the Ukrainian city of Odessa. Us

4:21

officials say the call center was

4:23

involved in phone call scams that

4:25

targeted and defrauded Czech citizens. Call

4:27

center employees posed as Czech banks

4:29

and tricked victims into installing remote

4:31

access software on their devices. Officials

4:34

say the group stole money from

4:36

Czech bank accounts and transferred the

4:38

funds to Ukraine with a cash

4:40

out through local ATMs.

4:43

Security researcher Pierre Kim

4:45

has found eighteen vulnerabilities

4:48

in Brocade SANnav

4:50

appliances. Kim reported the

4:52

issues to Broadcom in September

4:54

2023, but only half

4:56

were patched and received CVE

4:58

identifiers. The vulnerabilities allow for compromise

5:00

of SANnav devices. They vary

5:02

from the use of hard-coded

5:04

SSH keys to the improper use

5:06

of encryption.

5:09

GitHub says that ninety five percent

5:11

of users who contribute code to

5:13

the platform have now enabled multifactor

5:16

authentication for their accounts. The company

5:18

made MFA mandatory for

5:20

code contributions last year.

5:22

Passkeys saw a spike in adoption after support

5:24

was added, while SMS use fell

5:27

by twenty five percent. Google

5:30

has delayed the phase out of third

5:32

party cookies from its Chrome browser until

5:34

early 2025. The company delayed

5:36

the removal at the request of UK

5:39

authorities. Support for third party cookies was

5:41

supposed to be removed from Chrome at

5:43

the end of the year. And

5:47

that's all for this podcast edition. Today's show

5:49

was brought to you by our sponsor Trail

5:51

of Bits and you can find them at

5:53

trailofbits.com. Bye for now.
