Round Up of Major Breaches and Scams
Business email compromise (BEC) attacks have more than doubled in the past year as cyber criminals try to use their email scams against big businesses. This form of cyber crime is often based around scammers pretending to be someone known to the victim – a colleague, a contractor, or maybe even their boss – and asking for a large sum of money to be transferred, often under the guise of a business deal or payment.
Threat actors continue to capitalize on fears surrounding the spread of the COVID-19 virus through a surge in new phishing campaigns that use spoofing tactics to effectively evade Proofpoint and Microsoft Office 365 advanced threat protections (ATPs), researchers have found. An effective spoofing campaign promises users important information about new coronavirus cases in their local area, scooting past Proofpoint and Microsoft Office 356 ATPs.
Researchers are warning of an upward surge in social-engineering lures in malicious emails that promise victims financial relief during the coronavirus pandemic. A spate of phishing attacks have promised financial relief due to the coronavirus pandemic – but in reality swiped victims’ credentials, payment card data and more.
Round Up of Major Malware and Ransomware Incidents
A new Windows malware has emerged that makes disks unusable by overwriting the master boot record (MBR). It takes its cue from the COVID-19 pandemic, calling itself simply “Coronavirus.” Overwriting the MBR is the same trick that the infamous NotPetya wiper malware used in 2017 in a campaign that caused widespread, global financial damage.
Round Up of Major Vulnerabilities and Patches
For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital signature verifications are easy to bypass, a researcher said.
Researchers have published proof-of-concept (PoC) exploits to demonstrate that the Windows vulnerability tracked as SMBGhost and CVE-2020-0796 can be exploited for local privilege escalation. Microsoft says the vulnerability, which it patched on March 12 with an out-of-band update, can be exploited for remote code execution on SMB clients and servers. The critical flaw, described as “wormable” and related to the way SMB 3.1.1 handles certain requests, affects Windows 10 and Windows Server versions 1903 and 1909.
A patch has been released for a Linux kernel vulnerability that a researcher used at the recent Pwn2Own 2020 hacking competition to escalate privileges to root on Ubuntu Desktop.
Two zero-day flaws have been uncovered in Zoom’s macOS client version, according to researchers. The web conferencing platform vulnerabilities could give local, unprivileged attackers root privileges, and allow them to access victims’ microphone and camera.