Cybersecurity Weekly: Cloud service phish, Zoom URL flaw, Tetrade banking malware
A new phishing campaign abuses a trio of enterprise cloud services. A flaw in Zoom’s Vanity URL feature could have been exploited in phishing attacks. Tetrade banking malware families target users worldwide. All this, and more, in this week’s edition of Cybersecurity Weekly.
Top Security Awareness Posters
1. New phishing campaign abuses a trio of enterprise cloud services
A new phishing campaign uses Microsoft Azure, Microsoft Dynamics and IBM Cloud as part of an attempt to steal login credentials. The phishing email imitates a quarantined mail notification frequently sent out in workplaces by email security products and spam filters, asking the recipient to release messages stuck in the queue.
Read more »
2. A flaw in Zoom’s Vanity URL feature could have been exploited in phishing attacks
A vulnerability affecting the Zoom feature dubbed Vanity URL could have been exploited by hackers for phishing attacks. In the attack reported by researchers, the URL would actually point to a subdomain registered by the attacker with a name that looks like the one of the target. With this attack scheme, the attacker aims at tricking the victims into handing over credentials.
Read more »
3. Tetrade banking malware families target users worldwide
Cybersecurity researchers have detailed four different families of Brazilian banking trojans, tracked as Tetrade, that have targeted financial institutions in Brazil, Latin America and Europe.The four malware families are the result of a Brazilian banking group that is evolving its capabilities targeting banking users abroad.
Read more »
4. Several high-profile accounts hacked in Twitter hack
A number of high-profile Twitter accounts, including those of U.S. presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber and Apple, were breached simultaneously in what's a far-reaching hacking campaign carried out to promote a cryptocurrency scam.
Read more »
5. BadPower attack corrupts fast chargers to melt or set devices on fire
Security researchers said they can alter the firmware of fast chargers to cause damage to connected charging systems, such as melt components or set devices on fire. According to researchers, the attack, dubbed BadPower, corrupts the firmware of newly-developed fast chargers.
Read more »
6. Hackers accidentally expose training videos online
An OPSEC error by an Iranian threat actor exposed the inner workings of the hacking group by providing a rare insight into the behind-the-scenes look into their methods. Some of the victims in the videos included personal accounts of U.S. and Greek Navy personnel, in addition to unsuccessful phishing attempts directed against U.S. state department officials.
Read more »
7. New Android malware steals passwords for non-banking apps too
Last week, cybersecurity researchers uncovered a new strain of banking malware that targets not only banking apps but also steals data and credentials from social networking, dating and cryptocurrency apps — a total of 337 non-financial Android applications on its target list.
Read more »
8. Orange confirms ransomware attack exposing business customers' data
The French telecommunications company confirmed that they suffered a ransomware attack exposing the data of twenty of their enterprise customers. On July 15th, 2020, the ransomware operators behind the Nefilim Ransomware added Orange to their data leak site and stated that they breached the company through their Orange Business Solutions division.
Read more »
9. Hackers look to steal COVID-19 vaccine research
The advanced threat actor known as APT29 has been hard at work attempting to steal COVID-19 vaccine research from academic and pharmaceutical research institutions in various countries around the world. The U.S. DHS advisory details the recent activity of APT29, including the use of custom malware called WellMess and WellMail for data exfiltration.
Read more »
Phishing simulations & training
10. Introducing the PhishingKitTracker
Experts that want to study phishing attack schema and Kit-composition can use the new PhishingKitTracker, which is updated automatically. Created by security researcher Marco Ramilli, this tracker correlates phishy domains and follows the attack chain back to a single phishing attack.
Read more »
In this Series
- Cybersecurity Weekly: Cloud service phish, Zoom URL flaw, Tetrade banking malware
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
