Cybersecurity News

Weekly Summary of the Top Stories in Cybersecurity

Cybersecurity News: December 13, 2021

DOJ Announces New Initiative to Use False Claims Act to Enforce Compliance with Data Privacy and Security Laws and Contract Requirements

JD Supra
“This new initiative significantly expands the potential liability of federal contractors and healthcare providers that participate in federal healthcare programs related to data privacy and cybersecurity issues.”

Cybersecurity Takes the Wheel as Auto Industry’s Top Priority

Dark Reading, Yash Prakash
“The auto industry’s reliance on software and connectivity will only become more pronounced in the years to come. Building effective cybersecurity into all aspects of new vehicles and systems is essential to ensuring the future success of the automotive industry.”

27 flaws in USB-over-network SDK affect millions of cloud users

Bleeping Computer, Bill Toulas
“These vulnerabilities allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded.”

SolarWinds hackers have been quietly targeting governments, cloud providers

SC Magazine, Derek B. Johnson
“The SolarWinds campaign was about who were the vendors you trust and all the different software in your environment, and this threat actor leveraged that one-to-many relationship pretty well. When we fast forward to now and talking about the cloud service providers, that’s them again saying why spend a lot of effort targeting a dozen individual companies when I can instead target one company that can then get me into those dozen ones.”

GraphQL API authorization flaw found in major B2B financial platform

ZDNet, Jonathan Greig
“It is tempting to believe that mobile apps create an obscurity layer that is hard for attackers to crack, but decades of experience show that security through obscurity just doesn’t get the job done. Organizations need to make sure every transaction requires authorization and every step of a transaction is checked to make sure the permissions are appropriate for what is being attempted.”

Cybersecurity News: December 6, 2021

Phishing actors start exploiting the Omicron COVID-19 variant

Bleeping Computer, Bill Toulas
“Threat actors are quick to adjust to the latest trends and hot topics, and increasing people’s fears is an excellent way to cause people to rush to open an email without first thinking it through.”

APT Groups Adopt New Phishing Method. Will Cybercriminals Follow?

Dark Reading, Kelly Sheridan
“By altering document formatting properties of [a rich text format] file, the attacker can weaponize it to access remote content by specifying a URL resource instead of an accessible file destination.”

Yanluowang Ransomware Now Targeting US Companies

PC Magazine, Nathaniel Mott
“Symantec says that Yanluowang attacks typically involve an initial reconnaissance phase followed by credential harvesting, data exfiltration, and finally the encryption of the victim’s files.”

HHS: APT targeting biomanufacturing with stealthy Tardigrade malware

SC Magazine, Jessica Davis
“The main role of this malware is still to download, manipulate files, send main.dll library if possible, deploy other modules and remain hidden [and for] espionage, tunnel creation, and for a bigger payload.”

Credentials exposed for majority of US financial firm employees

SC Magazine, Karen Hoffman
“Employees and humans are the weakest points in terms of an organization’s cybersecurity posture and our findings related to the vast number of exposures in circulation are a serious cause for concern. These exposed credentials are the keys for threat actors to access companies’ sensitive data and critical systems.”

Cybersecurity News: November 29, 2021

FBI warns of phishing targeting high-profile brands’ customers

Bleeping Computer, Sergiu Gatlan
“When cyber criminals gain access to a consumer’s online and email accounts, cyber criminals may be able to intercept emails with 2FA codes that are used to make significant changes to online accounts, update passwords, verify user access, or change security rules and setup before the account owner is notified and aware.”

Holiday Scams Drive SMS Phishing Attacks

Dark Reading, Robert Lemos
“As the holidays approach, the volume of short message service (SMS) phishing has almost doubled from the same period in the prior year, continuing a trend of SMS-text phishing growing as a vector to attack mobile users and their devices.”

GoDaddy security breach impacts more than 1 million WordPress users

TechRepublic, Lance Whitney
“The hosting company discovered unauthorized access by a third party to its Managed WordPress hosting environment. [It] found that the third party used a compromised password to access the provisioning system in its legacy code base for Managed WordPress.”

Hackers Exploit ProxyLogon and ProxyShell Bugs in Phishing Blitz

Infosecurity Magazine, Phil Muncaster
“Delivering the malicious spam using this technique to reach all the internal domain users will decrease the possibility of detecting or stopping the attack, as the mail gateways will not be able to filter or quarantine any of these internal emails.”

Verizon’s Visible cell customers hacked, leading to unauthorized purchases

Ars Technica, Ax Sharma
“We have learned of an incident wherein information on some member accounts was changed without their authorization. … Our investigation indicates that threat actors were able to access username/passwords from outside sources and exploit that information to log in to Visible accounts.”

Cybersecurity News: November 22, 2021

California Pizza Kitchen spills over 100,000 employee Social Security numbers

TechCrunch, Carly Page
“The company said it learned of a ‘disruption’ to its systems on September 15 and moved to ‘immediately secure’ its environment. By October 4, the company said it had determined cybercriminals had infiltrated its systems and gained access to certain files, including employee names and SSNs.”

US, UK warn of Iranian hackers exploiting Microsoft Exchange, Fortinet

Bleeping Computer, Sergiu Gatlan
“FBI and CISA have observed this Iranian government-sponsored APT group exploit Fortinet vulnerabilities since at least March 2021 and a Microsoft Exchange ProxyShell vulnerability since at least October 2021 to gain initial access to systems in advance of follow-on operations, which include deploying ransomware.”

New banking Trojan SharkBot makes waves across Europe, US

ZDNet, Charlie Osborne
“With the discovery of SharkBot we have shown new evidence about how mobile malware [is] quickly finding new ways to perform fraud, trying to bypass behavioral detection countermeasures put in place by multiple banks and financial services during the last years.”

10,000+ websites and apps are vulnerable to Magecart

Help Net Security
“Victims are often the last to know as it’s only later that organizations find that their data was sold or exploited, with the problem extending beyond any single vendor or client relationship. For enterprises in particular, Magecart attacks pose a significant challenge because it is problematic to set up a solution at scale.”

Ohio hospital diverting ambulances, canceling appointments amid cyberattack

SC Magazine, Jessica Davis
“The latest advisory shows the health system is still working to safely restore systems and operations and warns province residents that it appears protected health information was stolen in the attack.”

Mitre Disrupting Advanced Persistent Threats