
Delhi University data privacy breach, Try2Cry ransomware infects USB flash drives, spreads to Windows, and more

Major cybersecurity events on 6th July 2020 (Morning Post): Threat actors leverage Tor networks to carry out system compromise, data exfiltration, DoS attacks, reconnaissance. FakeSpy malware resurfaces, steals text messages, financial data, bank login information, app data, etc.

Round Up of Major Breaches and Scams

CISA warns organizations of cyberattacks from the Tor network

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning enterprises of cyberattacks launched from the Tor network. Threat actors leverage the Tor network to hide the real source of their attacks and to prevent their C2 infrastructure from being identified and shut down by CISA. Attackers use Tor to carry out malicious activities including system compromise, data exfiltration, denial of service (DoS) attacks, and reconnaissance.

Serious data privacy breach at DU admit card 2020 download portal, students’ personal details available

Early on Thursday, two Twitter users pointed out the serious data privacy breach problems arising in the DU admit card 2020 download portal, which is part of the official Delhi University website. Anyone with the ‘gateway password’ can download the admit cards of all students in any Delhi University college.

Round Up of Major Malware and Ransomware Incidents

An old piece of Android malware is back and more dangerous than before

An old and dangerous piece of Android malware called FakeSpy has resurfaced in a big way, according to a new report from Cybereason. FakeSpy, which was first discovered by security researchers nearly three years ago, is a particularly nasty piece of malware designed to steal a user’s text messages, financial data, bank login information, app data, contact lists, and more.

Try2Cry ransomware tries to worm its way to other Windows systems

A new ransomware known as Try2Cry is trying to worm its way onto other Windows computers by infecting USB flash drives and using Windows shortcuts (LNK files) posing as the targets’ files to lure them into infecting themselves. The Try2Cry ransomware was discovered by G DATA malware analyst Karsten Hahn when a detection signature designed to spot USB worm components got triggered while analyzing an unidentified malware sample.

Avaddon Ransomware Still Using Excel 4.0 Macros

Just like jokes, sometimes the old vulnerabilities are the best ones. So, stop us if you’ve heard this before: ransomware criminals are still using malicious Excel 4.0 macros in campaigns. This week, Microsoft’s security intelligence team noted that Avaddon was the latest malware to use the macros as an infection vector.

Cyberattacks Possibly Involved in Explosions at Iranian Nuclear, Military Facilities

There have been several incidents at major Iranian industrial facilities in recent weeks. Iranian officials blamed the Parchin explosion on a gas leak, and in the case of Natanz they downplayed the incident, claiming that it only impacted a warehouse that was under construction.

Sodinokibi Ransomware Operators hit electrical energy company Light S.A.

Sodinokibi ransomware (aka REvil) operators have breached the Brazilian-based electrical energy company Light S.A. and are demanding a $14 million ransom. The company confirmed the attack in comments to a local newspaper, but it did not provide technical details of the security breach or disclose the type of ransomware that infected its systems.

Round Up of Major Vulnerabilities and Patches

Windows 10’s Microsoft Store Codecs patches are confusing users

Microsoft released security updates via the Microsoft Store last week, and it’s confusing many users who want to make sure their devices are protected. When Microsoft releases security updates for Windows, they are almost always released via Windows Update or by standalone updates that can be downloaded from the Microsoft Catalog.

Gmail spam filter breaks down, warning issued to millions of Gmail users

Spam filters are something we rarely give a thought to, but they are nevertheless quite important, working backstage and taking quite a load off. This was something many Gmail users realized after a glitch in Gmail's spam filter let dangerous, malicious, and not-safe-for-work messages through to their inboxes.

Cisco Talos discloses technical details of Chrome, Firefox flaws

Researchers from Cisco Talos disclosed technical details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. The first issue, tracked as CVE-2020-6463, is a memory corruption vulnerability that affects PDFium, an open source PDF library used by Chrome and other applications.

Use of open-source libraries leaves web apps vulnerable to cyber attacks

Web applications (web apps) are rapidly growing in both importance and complexity. As e-commerce becomes more popular, the availability and security of an organization’s web presence have a dramatic impact on its profitability. While developers commonly perform security scanning against the code that they write in-house, this is only a fraction of the code contained within a web application.