Major cybercrime bust

Jul 07 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that unravels cybercrime like Twitter does Instagram Threads #Threadbare 😂😂😂

It’s Friday, folks, which can only mean one thing… It’s time for our weekly segment!!!

It goes by many names. Patch of the Week, Tweak of the week. Okay, that’s it.

So, this week, give it up for Samsung, Android and, celebrating its third week in a row, you guessed it: WordPress! Ultimate Members plugin this week.

Congrats, the cybercriminals are no match… for your patch! 🎉🎉🎉

Samsung

CISA has drawn our attention to eight flaws, based on evidence of active exploitation.

This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link devices. All the flaws have been patched as of 2021. Yay! So get updating, Paranoid Androids!

See below for the specific flaws that have been patched:

  • CVE-2021-25394 (CVSS score: 6.4)

  • CVE-2021-25395 (CVSS score: 6.4)

  • CVE-2021-25371 (CVSS score: 6.7)

  • CVE-2021-25372 (CVSS score: 6.7)

  • CVE-2021-25487 (CVSS score: 7.8)

  • CVE-2021-25489 (CVSS score: 5.5)

  • CVE-2019-17621 (CVSS score: 9.8)

  • CVE-2019-20500 (CVSS score: 7.8)

Just a few then…

WordPress ‘Ultimate Members’

If you run a WordPress site with the Ultimate Members plugin installed, make sure you’ve updated it to the latest version.

Over the weekend, the plugin’s creator published version 2.6.7, which is supposed to patch a serious security hole.

Flaw: CVE-2023-3460

Android

Google has released two security patches for Android in July. The first patch, released on July 1, addresses 22 security defects in the Framework and System components. The second patch, released on July 5, addresses 20 vulnerabilities in kernel and closed-source components. You can read more in-depth here.

It is important to note that the impact of these vulnerabilities may extend beyond the supported Android versions (11, 12, and 13). Older OS versions that no longer receive official support may also be affected.

To stay up-to-date on the latest security patches, it is recommended to check for updates regularly. You can do this by going to Settings > System > System update on your Android device.

Phew what a week for patches…

Now on to today’s hottest cyber security stories:

  • INTERPOL busts hacking group OPERA1ER's leader

  • Active Cyber Defence (ACD) reports 235k scams foiled by British businesses

  • Suncor Canadian energy firm chucks laptops following ‘cyber incident’

He’s a smoooth OPERA1ER 🎶 ‘Til he gets caught 😏

Sacré bleu! In a breathtaking international manoeuvre, law enforcement agencies around the world have orchestrated a masterful takedown, culminating in the arrest of a suspected senior member of the infamous French-speaking hacking crew known as OPERA1ER.

Interpol, the heralded champion of justice, has officially announced the capture as part of their operation codenamed Nervone.

According to Interpol's thrilling revelations, this daring group of cyber maestros is responsible for orchestrating a daring heist, swiping the eye-watering sum of at least $11 million but possibly as much as $30 million!

These audacious escapades unfolded like a thrilling spy novel, with more than 30 attacks executed across an impressive array of 15 countries spanning Africa, Asia, and Latin America.

The captivating arrest unfolded under the tropical skies of Côte d'Ivoire, early last month, leaving the world in awe of the law enforcement's incredible prowess.

This tour de force (France? lol) operation was bolstered by the invaluable insights provided by none other than the illustrious U.S. Secret Service's Criminal Investigative Division and the brilliant minds at Booz Allen Hamilton DarkLabs. USA, USA!

This financially driven collective of hackers, known by various aliases such as Common Raven, DESKTOP-GROUP, and NX$M$, has become synonymous with the art of deception and intrigue.

Their remarkable modus operandi was first exposed by the indomitable forces of Group-IB and Orange CERT Coordination Center (Orange-CERT-CC) in November 2022.

As the world eagerly awaits the unfolding of this captivating saga, one can't help but marvel at the incredible talents of these cyber artists and the relentless pursuit of justice by our global defenders.

Stay tuned, dear readers, for the next exhilarating chapter in the electrifying world of high-stakes cyber warfare!

British businesses: who do you think you are kidding Mr. Scammer? 🎶🇬🇧

In a digital battleground, the big United Kingdom has emerged as a fierce warrior against cyber threats, armed with an innovative "whole-of-society" approach.

The latest report from Active Cyber Defence (ACD) showcases the triumph of this strategy, revealing the prevention of millions of cyber attacks targeting UK organisations and citizens each year.

Prepare for a mind-blowing statistic: In 2022 alone, British businesses and citizens reported a suspicious email or website every five seconds! Guon boy!

That's right, folks—over 7.1 million dubious emails and URLs were flagged by astute UK organisations and savvy individuals through the National Cyber Security Centre (NCSC) remarkable Suspicious Email Reporting Service (SERS).

This groundbreaking service, the first of its kind on a global scale, has become the ultimate weapon in the fight against cyber evil.

Thanks to the collective efforts of the UK's cyber warriors, the NCSC accomplished a phenomenal feat—directly removing nearly a quarter of a million (235,000 to be exact) malicious URLs from the treacherous depths of the internet since the inception of SERS back in April 2020.

On average, it took less than six hours for these cyber guardians to obliterate the reported malicious URLs, leaving cyber criminals scrambling in their digital lairs.

Armed with a united front, where organisations, citizens, and cyber guardians fight side by side, the nation has unleashed an unparalleled digital purge.

The battle against cyber villains rages on, and the UK leads the charge, a shining example of what can be achieved when a nation unites to protect its digital borders.

Dad’s Army would be proud.

Suncor’s IT Supplier right now 😂😂

Suncor, blimey! New laptops, eh? And on Canada Day week 😊

Hold onto your hats, lads, because Suncor is making waves with a scorching hot tech update!

In the aftermath of a sizzling cybersecurity incident that left debit and credit processing at Petro-Canada gas stations across the Great White North in flames, the Calgary-based company is taking no chances and initiating a series of steamy security measures.

According to an internal communication, Suncor is turning up the heat by replacing desktops and laptops in a titillating process that will ensure the devices are safe and secure for use.

Now, we don't have all the juicy details on the exact extent of this computer recall or which departments were caught in the crossfire, but one cybersecurity expert has some saucy insights.

Chester Wisniewski, the field chief technology officer at the international cybersecurity firm Sophos, spilled the beans, suggesting that if this recall is as widespread as rumoured, it could mean only one thing: serious trouble in paradise.

According to Wisniewski, you don't normally see hardware getting compromised to such a mind-blowing extent that you have to throw it all out and start anew.

So, gentlemen, buckle up because the tech landscape at Suncor is heating up, and we'll be keeping a close eye on this scintillating computer reboot.

Will this incident be a cautionary tale or a catalyst for a thrilling cybersecurity overhaul? Only time will tell.

Thanks guys! Have a good weekend! And don’t be phishermen’s friends 😂

So long and thanks for reading all the phish!

Cyber Dawgs top picks from the week, he's your Dawg, he got you.

MONDAY: Meduza stealer – what you need to look out for

TUESDAY: Mexico-Based hacker targets global banks

WEDNESDAY: Meta’s Instagram Threads won’t launch in the EU yet

THURSDAY: Careful during browser upgrades

footer graphic cyber security newsletter

Recent articles