Cybersecurity Weekly: O365 phish, Google Analytics exploit, LG Electronics ransomware
Office 365 users are being targeted by a Coronavirus employee training phish. Hackers are using Google Analytics to bypass web security and steal credit cards. LG Electronics was allegedly hit by a Maze ransomware attack. All this, and more, in this week’s edition of Cybersecurity Weekly.
Phishing simulations & training
1. Office 365 users targeted by Coronavirus employee training phish
Researchers are warning of a new phishing attack that sends Coronavirus training resources to employees who are returning to the workplace as COVID-19 lockdowns lift. The recent phishing campaign leverages novel training programs that are required for employees in the workplace to comply with coronavirus regulations.
Read more »
2. Hackers using Google Analytics to bypass web security and steal credit cards
Hackers are now exploiting Google Analytics to stealthily pilfer credit card information from infected e-commerce sites. Threat actors are now injecting data-stealing code on the compromised websites in combination with tracking code generated by Google Analytics for their own account, letting them exfiltrate payment information.
3. LG Electronics allegedly hit by Maze ransomware attack
Maze ransomware operators claimed on their website that they breached and locked the network of LG Electronics. When asked how many devices were encrypted, the Maze operators told reporters that this information currently is private and will be provided only to LG negotiators.
4. VirusTotal adds Cynet's artificial intelligence-based malware detection
VirusTotal, the famous multi-antivirus scanning service owned by Google, recently announced new threat detection capabilities it added with the help of an Israeli cybersecurity firm. Cynet, the creator of the autonomous breach protection platform, has now integrated its Cynet Detection Engine into VirusTotal.
Read more »
5. Docker images containing cryptojacking malware distributed via Docker Hub
With Docker gaining popularity as a service to package and deploy software applications, malicious actors are targeting exposed API endpoints and crafting malware-infested images to facilitate DDoS attacks and mine cryptocurrencies. The purpose of these Docker images is to generate funds by deploying a cryptocurrency miner using Docker containers
Read more »
6. Critical bugs and backdoor found in GeoVision's fingerprint and card scanners
GeoVision, a Taiwanese manufacturer of video surveillance systems and IP cameras, recently patched three of the four critical flaws. These vulnerabilities impact its card and fingerprint scanners that could've potentially allowed attackers to intercept network traffic and stage man-in-the-middle attacks.
Read more »
7. Golang worm widens scope to Windows, adds payload capacity
A new version of a known malware campaign aimed at installing cryptominers has changed up its tactics, adding attacks on Windows servers and a new pool of exploits to its bag of tricks. It is also swiftly evolving to position itself as a backdoor for downloading future, more damaging malware.
8. European bank suffers biggest DDoS attack, new botnet suspected
A bank in Europe was the target of a huge DDoS attack that sent to its networking gear a flood of 809 million packets per second. The attack can easily be a contender for the largest DDoS incident to date, despite not being a bandwidth-intensive attack, with a footprint of just 418Gbps.
Read more »
9. Hackers hide credit card stealing script in favicon metadata
In a new report, an online store using the WordPress WooCommerce plugin was found to be infected with a Magecart script to steal customer's credit cards. What made this attack stand out was that the scripts used to capture data from payment forms were not added directly to the site, but were contained in the EXIF data for a remote site's favicon image.
Read more »
Phishing simulations & training
10. TikTok to stop clipboard snooping after Apple privacy feature exposes behavior
Apple recently added a new banner alert to iOS 14 that lets users know if a mobile app is pasting from the clipboard and thus able to read to a user’s cut-and-paste data. This new privacy feature sheds light on TikTok’s practice of reading iPhone users’ cut-and-paste data, even though the company said in March it would stop.
Read more »
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
In this Series
- Cybersecurity Weekly: O365 phish, Google Analytics exploit, LG Electronics ransomware
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
