Over the weekend, officials for the Financial Transactions and Reports Analysis Centre (FINTRAC) in Canada were forced to take their systems offline in response to a cyberattack. FINTRAC is a government agency that monitors suspicious financial transactions and conducts investigations surrounding fraud and money laundering schemes. As of now, no threat actors have claimed responsibility for the incident, though the investigation into the system intrusion is still ongoing.
Apple patches multiple zero-day vulnerabilities
Apple has recently pushed out an emergency update for all iOS and iPadOS devices to resolve two critical vulnerabilities that have been actively exploited by threat actors. iOS exploits are commonly used in nation-state attacks to silence dissent or keep journalists from reporting on uncouth activities within the region. Both vulnerabilities revolve around memory corruption and have been corrected by enhancing user validation.
Third-party breach impacts American Express customers
Officials from American Express have begun contacting customers about a payment card breach at a third-party vendor, though the vendor has not been named. As the investigation continues, neither the number of affected customers nor the information accessed from the victim’s systems has been confirmed. While more banks have improved their internal security protocols, supply chain attacks are still prevalent and can reach banking information through service providers and tangential vendors.
ALPHV/BlackCat ransomware silently bows out
Following an international law enforcement takedown of the ALPHV/BlackCat ransomware group back in December, the threat actors behind the group rallied but have now claimed to be shutting down due to pressure from law enforcement once again. Both their leak site and negotiations page have recently been removed and replaced with a banner claiming the sites were seized by multiple law enforcement groups. This may be a sign of an exit scam, however, as an affiliate has announced that their recent ransom was stolen by the ALPHV/BlackCat threat actors.
Predator spyware identified in a dozen new countries
Researchers have been tracking a new campaign of mobile device infections across a dozen new countries, related to Predator spyware, which has been active since 2019. Predator is known for gaining easy access to a mobile device and remaining silent while it gathers information from the victim, collecting device information and exploiting the microphone to capture voice recordings.