Categories
Breach Cryptojacking Cyber Security DDoS Malware Ransomware Vulnerability

Phishing campaign collects corporate data, targets Office 365, NVIDIA patches high-severity flaws in Windows, Linux, and more

Major cybersecurity events on 25th June 2020 (Morning Post): Black Hat survey registers record levels of concerned security professionals regarding potential breaches. Self-propelling Lucifer malware targets Windows with DDoS, cryptojacking attacks.

Round Up of Major Breaches and Scams

Black Hat Survey: Breach Concerns Hit Record Levels Due to COVID-19

Thanks to the COVID-19 crisis, security professionals are more concerned than ever about potential breaches, according to a survey released by Black Hat this week. Respondents – 273 top security professionals – registered record levels of concern about near-term compromises of their own IT environments, as well as US critical infrastructure.

Experts discovered phishing emails in Office 365 accounts

Check Point experts discovered a sophisticated phishing campaign aimed at collecting corporate data and compromising Microsoft Office 365 accounts. To avoid detection, hackers used the servers of well – known organizations such as Oxford University, Adobe and Samsung. 43% of these attacks were targeted at European companies, while the rest were seen in Asia and the Middle East.

Round Up of Major Malware and Ransomware Incidents

Glupteba – the malware that gets secret messages from the Bitcoin blockchain

“Our experts have deconstructed a strain of malware called Glupteba that uses just about every cybercrime trick you’ve heard of, and probably several more besides. Like a lot of malware these days. Glupteba is what’s known a zombie or bot (short for software robot) that can be controlled from afar by the crooks who wrote it.”

Self-Propagating Lucifer Malware Targets Windows Systems

Security experts have identified a self-propagating malware, dubbed Lucifer, that targets Windows systems with cryptojacking and distributed denial-of-service (DDoS) attacks. The never-before-seen malware initially tries to infect PCs by bombarding them with exploits in hopes of  taking advantage of an “exhaustive” list of unpatched vulnerabilities.

Round Up of Major Vulnerabilities and Patches

HEY pulls feature which could expose email threads without participants’ knowledge

A new service called HEY claims to have a fresh take on email. It gives users of the new email service, an easy way of sharing a public link to an email thread. HEY displays a clear message that sharing the link would allow anyone in the world to access it. But it doesn’t seek the permission of anyone else on that email thread.

NVIDIA patches high severity flaws in Windows, Linux drivers

NVIDIA has released security updates to address security vulnerabilities found in GPU Display and CUDA drivers and Virtual GPU Manager software that could lead to code execution, denial of service, escalation of privileges, and information disclosure on both Windows and Linux machines.