Round Up of Major Breaches and Scams
Security researchers are warning of a new phishing campaign that uses malicious emails from legitimate SurveyMonkey domains in a bid to bypass security filters. The phishing emails in question are sent from a real SurveyMonkey domain but crucially have a different reply-to domain, according to Abnormal Security.
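The signal described above, a trusted sending domain paired with a different reply-to domain, can be checked directly from message headers. The following is an added example, not code from Abnormal Security or the original report; the function names, the constructed `.example` messages, and the naive two-label domain comparison (no Public Suffix List) are assumptions.

```python
from email import message_from_string
from email.utils import getaddresses

def org_domain(addr):
    """Last two labels of the address's domain, lowercased.
    Assumption: naive heuristic, not a Public Suffix List lookup."""
    domain = addr.rpartition("@")[2].strip().lower().rstrip(".")
    return ".".join(domain.split(".")[-2:]) if domain else ""

def reply_to_mismatch(raw_message):
    """Return the Reply-To domains that differ from every From domain."""
    msg = message_from_string(raw_message)
    from_addrs = [a for _, a in getaddresses(msg.get_all("From", [])) if "@" in a]
    reply_addrs = [a for _, a in getaddresses(msg.get_all("Reply-To", [])) if "@" in a]
    if not from_addrs or not reply_addrs:
        return []  # no Reply-To header means replies go to the From address
    from_domains = {org_domain(a) for a in from_addrs}
    return sorted({org_domain(a) for a in reply_addrs} - from_domains)

# Constructed sample messages (not taken from the campaign).
SUSPICIOUS = """\
From: Survey Team <member@mail.survey-sender.example>
Reply-To: Help Desk <answers@reply-collector.example>
Subject: Please complete this survey

body
"""

BENIGN = """\
From: Survey Team <noreply@mail.survey-sender.example>
Reply-To: Support <Support@Survey-Sender.example>
Subject: Your survey results

body
"""

NO_REPLY_TO = """\
From: Survey Team <noreply@mail.survey-sender.example>
Subject: Reminder

body
"""

if __name__ == "__main__":
    for name, raw in [("suspicious", SUSPICIOUS), ("benign", BENIGN), ("no reply-to", NO_REPLY_TO)]:
        print(name, reply_to_mismatch(raw))
```

Plenty of legitimate bulk mail also sets a reply-to on another domain, so a mismatch works best as one scoring input alongside other indicators rather than as a block rule on its own.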
Round Up of Major Malware and Ransomware Incidents
Google announced plans this week to ban ads that promote stalkerware, spyware, and other forms of surveillance technology that can be used to track other people without their specific consent. The change is part of an upcoming update to Google Ads policies, set to take effect next month, on August 11, 2020.
The authors of a particularly persistent Android malware family called “Joker” have once again found a way to sneak their product into Google’s official Play mobile app store. The malware (aka “Bread”) is known for subscribing mobile users to premium content without their knowledge and has been floating around since at least early 2017.
A suspected ransomware attack has caused the temporary closure of an Alabama county’s computer network. Chilton County implemented a shutdown after being targeted by a suspected ransomware attack on the morning of July 7. County Commission Chairman Joseph Parnell announced the incident on the social media network Facebook.
A number of inactive websites have been compromised and are redirecting visitors to unwanted URLs, many of which are malicious. This is according to a new study by Kaspersky, which uncovered over 1,000 inactive domains that send users to second-hand pages as a way for fraudsters to make money or even infect users' devices. Inactive domains are sometimes purchased by a service before being put up for sale on an auction site.
Round Up of Major Vulnerabilities and Patches
The 754 million packets per second peak was part of a four-day attack involving more than 316,000 sending addresses. Cloudflare revealed this week that on June 21 it detected and mitigated a packet-based volumetric DDoS attack that peaked at 754 million packets per second. According to researchers, that peak was part of a four-day attack from June 18-21 that saw traffic from more than 316,000 different IP addresses directed at a single Cloudflare address.
A newly discovered bug in the Zoom Client for Windows could allow remote code execution, according to researchers at 0patch, who disclosed the existence of the flaw on Thursday after developing a proof-of-concept exploit for it. The issue was confirmed for Threatpost by a Zoom spokesperson. The 0patch team said that the vulnerability is present in any currently supported version of Zoom Client for Windows, and is unpatched and previously unknown — catnip for cybercriminals.