Round Up of Major Breaches and Scams
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning enterprises of cyberattacks launched from the Tor network. Threat actors leverage the Tor network to hide the real source of their attacks and to prevent their C2 infrastructure from being identified and shut down by CISA. Attackers use Tor to carry out malicious activities including system compromise, data exfiltration, denial of service (DoS) attacks, and reconnaissance.
Early on Thursday, two Twitter users pointed out the serious data privacy breach problems arising in the DU admit card 2020 download portal, which is part of the official Delhi University website. Anyone with the ‘gateway password’ can download the admit cards of all students in any Delhi University college.
Round Up of Major Malware and Ransomware Incidents
An old and dangerous piece of Android malware called FakeSpy has resurfaced in a big way, according to a new report from Cybereason. FakeSpy, which was first discovered by security researchers nearly three years ago, is a particularly nasty piece of malware designed to steal a user’s text messages, financial data, bank login information, app data, contact lists, and more.
A new ransomware known as Try2Cry is trying to worm its way onto other Windows computers by infecting USB flash drives and using Windows shortcuts (LNK files) posing as the targets’ files to lure them into infecting themselves. The Try2Cry ransomware was discovered by G DATA malware analyst Karsten Hahn when a detection signature designed to spot USB worm components got triggered while analyzing an unidentified malware sample.
Just like jokes, sometimes the old vulnerabilities are the best ones. So, stop us if you’ve heard this before: ransomware criminals are still using malicious Excel 4.0 macros in campaigns. This week, Microsoft’s security intelligence team noted that Avaddon was the latest malware to use the macros as an infection vector.
There have been several incidents at major Iranian industrial facilities in recent weeks. Iranian officials blamed the Parchin explosion on a gas leak and in the case of Natanz they downplayed the incident claiming that it only impacted a warehouse that was under construction.
Sodinokibi ransomware (aka REvil) operators have breached the Brazilian electrical energy company Light S.A. and are demanding a $14 million ransom. Light S.A. confirmed the attack in comments to a local newspaper, but it did not provide technical details of the security breach or disclose the type of ransomware that infected its systems.
Round Up of Major Vulnerabilities and Patches
Microsoft released security updates via the Microsoft Store last week, and it’s confusing many users who want to make sure their devices are protected. When Microsoft releases security updates for Windows, they are almost always released via Windows Update or by standalone updates that can be downloaded from the Microsoft Catalog.
Spam filters are something we rarely give a thought to, but they are nevertheless quite important, working backstage and taking quite a load off. Many Gmail users realized this after a glitch in Gmail's spam filter let dangerous, malicious, and not-safe-for-work messages through to their inboxes.
Researchers from Cisco Talos disclosed technical details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. The first issue, tracked as CVE-2020-6463, is a memory corruption vulnerability that affects PDFium, an open source PDF library used by Chrome and other applications.
Web applications (web apps) are rapidly growing in both importance and complexity. As e-commerce becomes more popular, the availability and security of an organization’s web presence have a dramatic impact on its profitability. While developers commonly perform security scanning against the code that they write in-house, this is only a fraction of the code contained within a web application.