Cybersecurity Weekly: Coronavirus phishing scam, Android Bluetooth worm, Philips Hue flaw
Phishers impersonate the World Health Organization with a new coronavirus email scam. A critical Android Bluetooth flaw leaves the mobile OS exploitable without any user interaction. Philips Hue smart lights expose Wi-Fi networks to hackers. All this, and more, in this week’s edition of Cybersecurity Weekly.
Phishing simulations & training
1. Phishers impersonate WHO, exploit coronavirus-related anxiety
As cases of the virus infection keep popping up across the world, so do related malware, phishing schemes and other scams. Security researchers at Sophos identified a phishing email claiming to be from the World Health Organization. This email asks recipients to download safety measures and redirects them to a fake webpage that prompts for a username and password.
Read more »
2. Critical Android Bluetooth flaw exploitable without user interaction
Microsoft urged Android users to apply the latest security patches last week that address a critical vulnerability in the Bluetooth system. A hacker can leverage the security flaw without user interaction to run malicious code on the device with elevated privileges. Attackers can also spread the infection like a worm to other phones through the Bluetooth connection.
Read more »
3. Flaw in Philips smart light bulbs exposes your Wi-Fi network to hackers
Security researchers revealed a vulnerability affecting Philips Hue smart light bulbs that can be exploited wirelessly from over 100 meters away to gain entry into a Wi-Fi network. The underlying high-severity vulnerability resides in the way Philips implemented the wireless communication protocol in its smart light bulb.
Read more »
4. Phishing attack disables Google Play Protect, drops Anubis trojan
An Android phishing campaign is infecting devices with the Anubis banking trojan. It then steals financial information from more than 250 banking and shopping apps. In order to bypass security systems, the malware asks users to enable Google Play Protect while actually disabling it after being granted permissions on the device.
Read more »
5. Iowa prosecutors drop charges against men hired to test their security
In September 2019, the State of Iowa hired two security experts to perform a penetration test of its judicial system. They were then arrested for probing the security of an Iowa county courthouse and released on $100,000 bail. All charges were dropped by prosecutors last week.
Read more »
6. Wacom tablets collecting and storing user data
A security expert recently took a deep dive into the privacy policy of Wacom’s drawing tablets. After some research, he found logs being sent back to Wacom of every application he opened, along with a detailed timestamp. Furthermore, he uncovered that if you opt-out of this data collection, the next software update will turn it back on.
Read more »
7. Google Chrome to block mixed content downloads, preventing MitM attacks
Google is moving forward with its plan to block mixed content downloads from websites to protect users from man-in-the-middle attacks. Much like how they phased in HTTPS acceptance, Google will gradually roll out this feature in Chrome by first displaying console warnings before eventually blocking all mixed content downloads.
Read more »
8. Yahoo’s $117 million data breach settlement finalized
Following a series of Yahoo data breaches between 2012 and 2016, a proposed compensation package of $117 million is now nearly finalized. Although approximately three billion users across the world were affected by the breaches, compensation up to $358 per impacted user will only be available to 194 million U.S. and Israeli users.
Read more »
9. Ransomware exploits GIGABYTE driver to kill AV processes
The attackers behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious driver into Windows. The driver is used to terminate antivirus and security software with elevated privileges. Windows would normally prevent the installation of unsigned third-party drivers, but this attack piggybacks off of the legitimate GIGABYTE driver.
Read more »
10. Exfiltrating data from air-gapped computers using screen brightness
Phishing simulations & training
Hackers can exfiltrate sensitive data from your computer by simply changing the brightness of the screen, according to a new cybersecurity research study. These brightness changes are invisible to the human eye, but high-frame rate cameras are able to pick up the signal and decode it, much like Morse code.
Read more »
In this Series
- Cybersecurity Weekly: Coronavirus phishing scam, Android Bluetooth worm, Philips Hue flaw
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
