Compromised Exchange Servers Sending Emails to Infect Computers with IcedID Malware

IcedID Info-Stealing Malware Continues to Spread

Compromised Microsoft Exchange servers are sending out emails that appear to be part of an existing email conversation, luring the unsuspecting user into opening an attached password-protected archive or .zip file with the password supplied in the message itself. Opening the file infects the user's computer. From that point IcedID phones home to its command-and-control infrastructure and can be used in a number of ways to continue exploiting the infected machine. Because IcedID has been around for years, there is a substantial body of research on the patterns it follows when infecting a computer.
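The lure described above (a "reply" in an existing thread, an archive attachment, and the archive password written in the body) is concrete enough to screen for at the mail gateway. The following is an added example, not code from any of the linked reports; the indicator names, the regexes and the sample message are my own constructed assumptions, and the encryption check only covers ZIP files.

```python
import email
import io
import re
import zipfile
from email import policy
from email.message import EmailMessage

# Heuristics (assumed, not from the reports): archive extensions seen in these
# lures, reply/forward subject prefixes, and "password is ..." phrasing.
ARCHIVE_EXT = (".zip", ".rar", ".7z")
REPLY_PREFIX = re.compile(r"^\s*(re|fw|fwd)\s*:", re.IGNORECASE)
PASSWORD_HINT = re.compile(r"\bpass(word|code)?\b\s*(is|:)\s*\S+", re.IGNORECASE)


def archive_is_encrypted(data: bytes) -> bool:
    """True if a ZIP attachment sets the encryption flag (bit 0) on any entry."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(info.flag_bits & 0x1 for info in zf.infolist())
    except zipfile.BadZipFile:
        return False


def lure_indicators(raw: bytes) -> list[str]:
    """Return the reply-chain lure indicators present in one RFC 822 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = []
    if REPLY_PREFIX.match(msg.get("Subject", "")):
        hits.append("reply_chain_subject")
    body = msg.get_body(preferencelist=("plain", "html"))
    if body is not None and PASSWORD_HINT.search(body.get_content()):
        hits.append("password_in_body")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(ARCHIVE_EXT):
            hits.append("archive_attachment")
            if name.endswith(".zip") and archive_is_encrypted(part.get_payload(decode=True)):
                hits.append("encrypted_zip")
    return hits


def build_sample() -> bytes:
    """Constructed sample: a fake 'reply' carrying a zip with its password in the body."""
    msg = EmailMessage()
    msg["Subject"] = "RE: invoice follow-up"
    msg["From"] = "accounting@example.invalid"
    msg["To"] = "user@example.invalid"
    msg.set_content("Hi, as discussed. Archive password is 2022. Thanks.")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.txt", "placeholder")  # plain zip; not encrypted
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice.zip")
    return msg.as_bytes()
```

A message that hits all three of reply-chain subject, archive attachment and password-in-body is worth quarantining for review; a plain unencrypted zip, as in the sample, still scores on the other two indicators.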

More details:

The Register – https://www.theregister.com/2022/03/29/icedid_microsoft_exchange_phishing/

The Hacker News – https://thehackernews.com/2022/03/hackers-hijack-email-reply-chains-on.html

BleepingComputer – https://www.bleepingcomputer.com/news/security/microsoft-exchange-targeted-for-icedid-reply-chain-hijacking-attacks/

Microsoft Searches For Evidence Of Claimed Breach

Microsoft is investigating whether it was breached, following a claim released by a cyberthreat group. The same extortion group has also claimed recent breaches of six other large businesses.

Bleeping Computer – “Microsoft investigating claims of hacked source code repositories” : https://www.bleepingcomputer.com/news/security/microsoft-investigating-claims-of-hacked-source-code-repositories/

25 Didi Apps Removed after Investigation Launch

“China to remove 25 Didi apps from store as crackdown intensifies” via Reuters

“administration on Friday said it would remove 25 mobile apps operated by Didi Global Inc from app stores as the government stepped up a crackdown on the ride-hailing giant.

The apps in question used data that was illegally collected by Didi and include those for its delivery service, camera device and finance services, the Cyberspace Administration of China said in a statement.”

More detail: https://finance.yahoo.com/amphtml/news/china-cyberspace-administration-says-remove-142715192.html

Didi App Gets Yanked from App Stores

Didi app gets removed from app stores after the launch of a cybersecurity investigation.

Related articles:

“China’s Ride-Hailing Giant Didi Removed From App Stores Over Cybersecurity Investigation” via Synced – https://syncedreview.com/2021/07/04/chinas-ride-hailing-giant-didi-removed-from-app-stores-over-cybersecurity-investigation/

“Didi shares tank as traders react to China’s crackdown” via CNBC – https://www.cnbc.com/2021/07/06/didi-shares-crash-as-traders-react-to-chinas-crackdown.html

“China orders Didi app downloads suspended over data violation” via Fox Business – https://www.foxbusiness.com/technology/china-orders-didi-app-downloads-suspended-over-data-violation

“China Signals Broad Clampdown on Company Data, Offshore Listings” via Bloomberg News – https://finance.yahoo.com/news/china-vows-ramp-scrutiny-data-111941548.html