
179 arrests made for drug trafficking on darknet, Luxottica confirms ransomware attack, disrupts work, and more

Major cybersecurity events on 23rd September 2020 (Morning Post): CISA’s advisory warns of notable increase in LokiBot malware. German investigators blame Russian DoppelPaymer gang for deadly hospital attack. Firefox 81 released with credit card autofill and new theme.

Round Up of Major Breaches and Scams

New tool helps companies assess why employees click on phishing emails

NIST’s new tool can help organizations improve the testing of their employees’ phish-spotting prowess. Researchers at the US National Institute of Standards and Technology (NIST) have devised a new method that could be used to accurately assess why employees click on certain phishing emails. The tool, dubbed Phish Scale, uses real data to evaluate the complexity and quality of phishing attacks to help organizations comprehend where their (human) vulnerabilities lie.

Nearly 700,000 Cyberattacks Against India Till August 2020

The Computer Emergency and Response Team – India (CERT-In) recorded over 1.45 million cybersecurity incidents, including breaches and hacks, between 2015 and 2020. According to India’s Ministry of Electronics and Information Technology (MeITY), CERT-In reported 49,455, 50,362, 53,117, 208,456, 394,499 and 696,938 cybersecurity incidents during the years 2015, 2016, 2017, 2018, 2019 and 2020 (till August) respectively.

Microsoft Extends Data Loss Prevention to Cloud App Security

The update, one of several announced today, is intended to help employees remain compliant when handling data across cloud applications. Microsoft today rolled out security updates and features for its Microsoft Compliance platform, with the goal of helping organizations protect data and address compliance regulations at a time when more employees are accessing sensitive corporate information from remote offices.

179 Arrested for Darknet Drug Trafficking

A global sting operation targeting drug trafficking on the darknet has led to 179 arrests and the seizure of weapons, drugs, and millions of dollars in cash and virtual currencies. Operation DisrupTor was conducted across the United States and Europe and was a collaborative effort between the law enforcement and judicial authorities of Austria, Cyprus, Germany, the Netherlands, Sweden, Australia, Canada, the United Kingdom, and the United States.

Round Up of Major Malware and Ransomware Incidents

Attackers Target Small Manufacturing Firms

The most common tactics include credential stuffing using valid accounts, various forms of deception, and vulnerabilities in third-party software, Rapid7 says in its latest quarterly threat report. Cybersecurity incidents targeting the manufacturing sector rose significantly in the second quarter of 2020, accounting for more than a third of detected attacks, up from 11% in the first quarter of the year, cybersecurity-services firm Rapid7 states in its latest threat report.

Ray-Ban owner Luxottica confirms ransomware attack, work disrupted

Italy-based eyewear and eyecare giant Luxottica has reportedly suffered a cyberattack that has led to the shutdown of operations in Italy and China. Luxottica is the world’s largest eyewear company that employs over 80,000 people and generated 9.4 billion in revenue for 2019. The company portfolio of eyeglasses brands contains well-known brands, including Ray-Ban, Oakley, Oliver Peoples, Ferrari, Michael Kors, Bulgari, Armani, Prada, Chanel, and Coach.

Emotet double blunder: fake ‘Windows 10 Mobile’ and outdated messages

The Emotet botnet has switched up its malicious spamming campaign and is now heavily distributing password-protected archives to bypass email security gateways. This campaign started on Friday with documents claiming to be created on the expired Windows 10 Mobile and continued with a large volume of messages pretending to be made on Android. Trying to trick users into enabling macros to see documents created on a different operating system may be a convincing stratagem, but using Windows 10 Mobile (since the beginning of the month) is a blunder, since the OS reached end of life in January 2020.

CISA’s advisory warns of notable increase in LokiBot malware

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a new security advisory warning federal agencies and the private sector of a notable increase in the use of LokiBot malware by threat actors since July 2020. The agency’s EINSTEIN Intrusion Detection System has detected persistent malicious activity associated with the LokiBot malware.

German investigators blame Russian DoppelPaymer gang for deadly hospital attack

The German authorities’ investigation into the recent attack on the Duesseldorf hospital points to the possible involvement of Russian hackers. Last week, German authorities revealed that a cyber attack hit a major hospital in Duesseldorf, the Duesseldorf University Clinic, and a woman who needed urgent admission died after she had to be taken to another city for treatment. “The Duesseldorf University Clinic’s systems have been disrupted since last Thursday,” stated the Associated Press.

Round Up of Major Vulnerabilities and Patches

Google Chrome Bugs Open Browsers to Attack

Google has stomped out several serious code-execution flaws in its Chrome browser. To exploit the flaw, an attacker would merely need to convince a target to visit a specially crafted webpage via phishing or other social-engineering lures. Overall, Google’s release of Chrome 85.0.4183.121 for Windows, Mac and Linux – which will roll out over the coming days – fixed 10 vulnerabilities. The successful exploitation of the most severe of these could allow an attacker to execute arbitrary code in the context of the browser, according to Google. Google Chrome versions prior to 85.0.4183.121 are affected.

Google deprecates Web Store Payments API, effectively nuking Chrome paid extensions

Google announced on Monday plans to permanently shut down the Chrome Web Store “Payments API.” This is the system that Google was using to handle payments on the Web Store, such as one-time fees, monthly subscriptions, and free trials for commercial Chrome extensions. The move to shut down the Payments API, and effectively support for Chrome paid extensions, comes after reports of widespread fraud last winter.

Microsoft Overhauls Patch Tuesday Security Update Guide

Microsoft has updated its Security Update Guide, which is used by tens of millions of cybersecurity professionals on the second Tuesday of every month, also known as Patch Tuesday. The update, according to Microsoft, is meant to deliver a more intuitive user experience. For its latest update, introduced three weeks ahead of its Oct. 13 Patch Tuesday, Microsoft is boasting an improved user experience and a more modern user interface, better filtering and customization options for data views, and improved support for multiple languages.

Firefox 81 released with credit card autofill and new theme

Mozilla has released Firefox 81 today, September 22nd, 2020, to the Stable desktop channel for Windows, macOS, Linux, and Android with new features, bug fixes, changes, and six security fixes. The new features that stand out in this release are the ability to control videos via your headset and keyboard and a new credit card autofill feature. Windows, Mac, and Linux desktop users can upgrade to Firefox 81 by going to Options -> Help -> About Firefox, and the browser will automatically check for the new update and install it when available.