Cybersecurity Weekly: Apple Mail flaw, hackers make millions, Trickbot exploits COVID-19
Apple devices found to be vulnerable to a zero-day flaw in the default mail app. Hackers trick British private equity firms into sending $1.3 million. Microsoft warns of prolific Trickbot malware exploiting COVID-19 crisis. All this, and more, in this week’s edition of Cybersecurity Weekly.
Phishing simulations & training
1. Apple devices found to be vulnerable to zero-day flaw in mail app
Security researchers found two critical flaws on the pre-installed mail app on millions of iPhones and iPads. Attackers have been exploiting these flaws in the wild for at least the last two years to spy on high-profile victims. The flaws let remote hackers secretly take complete control over Apple devices just by sending an email to the victim.
Read more »
2. Hackers trick British private equity firms into sending $1.3 million
Cybersecurity researchers say nearly $700,000 of the total wire transferred amount was permanently lost to the attackers, with the rest of the amount being recovered after the targeted firms were alerted in time. The cybercrime gang behind this attack is highly-skilled and has been active for several years, according to law enforcement.
Read more »
3. Microsoft warns of prolific Trickbot malware exploiting COVID-19
In a recent statement, Microsoft Security Intelligence warned that hackers are posing as the USA Volunteer Organization and the USA Humanitarian Group to send hundreds of emails offering free COVID-19 medical advice and testing. Each email aims to install the Trickbot malware using unique macro-laced document attachments.
Read more »
4. SeaChange video platform allegedly hit by Sodinokibi ransomware
A leading supplier of video delivery software solutions is the latest victim of the Sodinokibi ransomware, who posted images of data they claim to have stolen from the company during a cyberattack. The Sodinokinobi operators refused to divulge the amount of data that was stolen and how much they demanded in ransom.
Read more »
5. Malicious USB drives infect 35,000 computers with crypto-mining botnet
Cybersecurity researchers took down a portion of a malware botnet comprising at least 35,000 compromised Windows systems that attackers were using to mine Monero cryptocurrency. The botnet, named VictoryGate, has been active since May 2019, with infections mainly reported in Latin America.
Read more »
6. NSA warns of hackers exploiting vulnerable web servers to deploy backdoors
The security advisory published by the National Security Agency contains a wide range of information for security teams who want to detect hidden web shells, manage the response and recovery processes after detecting web shells, and block malicious actors from deploying such tools on unpatched servers.
Read more »
7. Researcher discloses four zero-day bugs in IBM's enterprise security software
A cybersecurity researcher publicly disclosed technical details and proof of concept for four unpatched zero-day vulnerabilities affecting an enterprise security software offered by IBM after the company refused to acknowledge the responsibly submitted disclosure. When chained together, these four bugs can lead to a hacker gaining root access on remote servers.
Read more »
8. Paay misconfiguration leaves transaction data exposed
New York-based card payment processor Paay failed to enable a password on a server storing personal information related to some 2.5 million consumer transactions. The server was open to the internet for approximately three weeks before being pulled offline once Paay was notified of the open server. Records included full plaintext credit card information.
Read more »
9. Kinomap data breach exposes 42 million records
Approximately 40GB worth of information belonging to users of Kinomap, a service that creates workout videos, was discovered by security researchers in March. This data amounted to 42 million records and affected the platform’s entire user base, including people from a number of countries across the UK, Europe and the U.S.
Read more »
See Infosec IQ in action
10. Zoom rolls out security updates following Zoombombing and security flaws
Zoom announced a series of updates that include support for AES 256-bit encryption as well as features intended to make controlling security aspects of Zoom meetings more intuitive. The Zoom 5.0 update, which is rolling out this week, also introduces the ability to report a user to Zoom and enables the waiting room feature and meeting passwords by default.
Read more »
In this Series
- Cybersecurity Weekly: Apple Mail flaw, hackers make millions, Trickbot exploits COVID-19
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
