Categories
Adware Bug CVE Cyber Security Malware Skimming Vulnerability

Facebook, Google, Twitter pause reviews of Hong Kong data requests, Purple Fox adds two Microsoft exploits to arsenal, and more

Major cybersecurity events on 7th July 2020 (Morning Post): Adware targets Android users, Kaspersky finds them to be undeletable files. Credit card skimmer targets websites hosted on Microsoft IIS servers, running ASP.NET. Hotels.com code generator flaw fixed.

Round Up of Major Breaches and Scams

Facebook, Google suspend processing Hong Kong government data requests

Facebook, which also owns WhatsApp and Instagram, said in a statement it was pausing reviews for all of its services “pending further assessment of the National Security Law.” Google, a unit of Alphabet Inc (GOOGL.O), and Twitter said they suspended their reviews of data requests from Hong Kong authorities immediately after the law went into effect last week. Twitter cited “grave concerns” about the law’s implications.

Round Up of Major Malware and Ransomware Incidents

Android Users Hit with ‘Undeletable’ Adware

A healthy percentage of Android users targeted by mobile malware or mobile adware last year suffered a system partition infection, making the malicious files virtually undeletable. That’s according to research from Kaspersky, which found that 14.8 percent of its users who suffered such attacks were left with undeletable files.

Round Up of Major Vulnerabilities and Patches

Purple Fox EK Adds Microsoft Exploits to Arsenal

The Purple Fox exploit kit (EK) has added two new exploits targeting critical- and high-severity Microsoft vulnerabilities to its bag of tricks – and researchers say they expect more attacks to be added in the future. The Purple Fox EK was previously analyzed in September, when researchers said that it appears to have been built to replace the Rig EK in the distribution chain of Purple Fox malware, which is a trojan/rootkit.

Credit-Card Skimmer Seeks Websites Running Microsoft’s ASP.NET

A credit-card skimmer is exclusively targeting websites that are hosted on Microsoft IIS servers and running ASP.NET, the company’s web framework for developing web applications and services. Malwarebytes Lab researchers found more than a dozen websites compromised with malicious code injected into one of their existing JavaScript libraries.

Admins Urged to Patch Critical F5 Flaw Under Active Attack

Security experts are urging companies to deploy an urgent patch for a critical vulnerability in F5 Networks’ networking devices, which is being actively exploited by attackers to scrape credentials, launch malware and more. Last week, F5 Networks issued urgent patches for the critical remote code-execution flaw (CVE-2020-5902), which has a CVSS score of 10 out of 10.

Flaw Fixed in Hotels.com Generator as Tesco Clubcard Users Impacted

Tesco Clubcard users have been warned to check their accounts, after a weakness was discovered in the way that Hotels.com codes were generated, which then impacted Clubcard members as they tried to use their points. Whilst Tesco Clubcard’s IT systems have not been compromised in any way, research found cyber-criminals purchased fraudulent vouchers to provide huge discounts on bookings via Hotels.com.