A vigilante is contesting control of the Emotet infrastructure with its criminal masters. The vigilante is replacing images that carry the malicious Emotet payload with animated GIFs, ZDNet reports. About a quarter of Emotet payloads are thought to be affected.
ZDNet says digital banking app maker and fintech unicorn Dave yesterday confirmed it had sustained a data breach exposing more than seven-million users' data. The data lost include names, phone numbers, emails, birth dates, and home addresses. Social security numbers were also lost, but were apparently encrypted, and passwords accessed in the breach are said to have been hashed. Dave attributes the compromise to a breach at data-analytics service Waydev, formerly a third-party provider.The data have appeared on more than one hacking forum, including RAID, where the ShinyHunters made the information available for free.
Garmin's incident last week was a WastedLocker ransomware attack, BleepingComputer writes. The BBC reports that Garmin, now restoring its services, was asked for $10 million.
The director of the US National Counterintelligence and Security Center warned late Friday that a number of state and non-state actors are actively working to influence the 2020 US elections, the Voice of America reports. Director William Evanina said that, while Russia, China, and Iran are all active, and are the best known threats, other players are working on the elections as well.
Interfax reports that Ukraine's National Security and Defense Council reports that some three-million Cloudflare users have been named, and their IP addresses identified, in a dark web dump.