Round Up of Major Breaches and Scams
In the midst of the COVID-19 emergency, the San Raffaele hospital in Milan was the victim of a computer attack. Personal data of patients, doctors, nurses and employees was stolen: names, tax codes, email accounts and passwords were taken during a cyber attack between March and April.
Our new research recently discovered a security issue with Santander, the 5th largest bank in Europe and the 16th largest in the world. This Spanish multinational bank controls approximately $1.4 trillion in total assets globally, and has a $69.9 billion total market capitalization on the Euro Stoxx 50 stock market index.
Fraudsters are trying new things to bypass security controls in Office 365 and have added a CAPTCHA page to the chain of redirects that ends on a phishing template for login credentials. To lure potential victims to the malicious page, the threat actor sent them an email purporting to be from the Supreme Court and claiming to deliver a subpoena for a hearing.
Round Up of Major Malware and Ransomware Incidents
Security researchers are warning of a new ransomware attack technique which deploys the malware as a virtual machine (VM) in order to evade traditional defenses. Sophos revealed that it recently detected a RagnarLocker attack in which the ransomware was hidden inside an Oracle VirtualBox Windows XP VM.
A descendant of the infamous Zeus banking trojan, dubbed Silent Night by the malware’s author, has emerged on the scene, with a host of functionalities available in a spendy malware-as-a-service (MaaS) model.
Round Up of Major Vulnerabilities and Patches
UK cyber-security vendor Sophos published today an update on its investigation into a recent series of attacks that tried to exploit a zero-day vulnerability in its XG firewall product. Sophos said that after they learned of the incident and issued a hotfix, the attackers panicked and modified their attack routine to replace their original data-stealing payload and deploy ransomware on corporate networks protected by Sophos firewalls.
Academics from Germany and Italy say they developed a new practical attack that breaks the separation between Wi-Fi and Bluetooth technologies running on the same device, such as laptops, smartphones, and tablets. Called Spectra, this attack works against “combo chips,” specialized chips that handle multiple types of radio wave-based wireless communications, such as Wi-Fi, Bluetooth, LTE, and others.
Tracked as CVE-2020-3280 and assessed with a CVSS score of 9.8, the vulnerability could allow an attacker to execute arbitrary code on an affected device remotely. The issue, Cisco explains in an advisory, exists because of the software’s insecure deserialization of user-supplied content. An attacker could send a malicious serialized Java object to a specific listener to trigger the vulnerability and execute arbitrary code as the root user.