Cybersecurity Weekly: Social media phish, Polish hackers busted, Fortinet vulnerability

September 29, 2020 by Sam Fay

Phishing attacks target social network accounts. Polish police shut down a major group of hackers in the country. Fortinet VPN with default settings leaves 200,000 businesses open to hackers. All this, and more, in this week’s edition of Cybersecurity Weekly.


1. Phishing attacks target social network accounts

Scammers are targeting social network accounts with phishing emails that pose as copyright-violation notices or promises of account verification. The stolen accounts are then used for disinformation campaigns and cryptocurrency scams like the recent Twitter hacks, or sold on underground markets.


2. Polish police shut down major group of hackers in the country

Polish authorities dismantled a major hacker group that was involved in multiple cybercrime activities, including ransomware attacks, malware distribution, SIM swapping, banking fraud, running rogue online stores and making bomb threats at the request of paying customers.


3. Fortinet VPN with default settings leaves 200,000 businesses open to hackers

Several new digital threats have capitalized on the health crisis to exploit weaknesses in remote work infrastructure and carry out malicious attacks. Now, over 200,000 businesses running the FortiGate VPN solution with its default configuration are vulnerable to man-in-the-middle attacks.


4. FinSpy spyware for Mac and Linux targets Egyptian organizations

Amnesty International exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with FinSpy spyware designed to target Linux and macOS systems. FinSpy, also known as FinFisher, can target both desktop and mobile operating systems to gain spying capabilities, including secretly recording webcams and microphones.


5. Windows XP source code reportedly leaked online

The source code for Microsoft’s 19-year-old operating system was published as a torrent file on the notorious bulletin board website 4chan. This marks the first time source code for Microsoft’s operating system has been leaked to the public. The torrent download also includes source code for various Windows 10 components and for the operating system of the original Xbox.


6. Instagram bug could’ve given hackers remote access to phones

Cybersecurity researchers disclosed details about a critical vulnerability in Instagram’s Android app that could have allowed remote attackers to take control of a targeted device just by sending the victim a specially crafted image. The flaw lets attackers both perform actions on behalf of the user and execute arbitrary code on the device.


7. New hacking group hitting Russian companies with ransomware

Last week, cybersecurity researchers uncovered a new group that has been actively trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers and software developers in Russia. The ransomware gang, codenamed OldGremlin, has been linked to a series of campaigns since March 2020.


8. Microsoft disrupts nation-state hacker op using Azure Cloud service

In a report last week, Microsoft said that it disrupted operations of a nation-state threat group that was using its Azure cloud infrastructure for cyberattacks. Microsoft refers to the actor by the name Gadolinium and says that it’s been active for about a decade targeting organizations in the maritime and health industry.


9. Mount Locker ransomware joins the multi-million dollar ransom game

A new ransomware operation named Mount Locker steals victims’ unencrypted files before encrypting them and then demands multi-million dollar ransoms, threatening to publish the stolen data if the ransom is not paid.


10. Cisco fixes 34 High-Severity flaws in IOS and IOS XE software

Last week, Cisco released security patches for 34 high-severity vulnerabilities affecting its IOS and IOS XE software. Some of the issues can be exploited by a remote, unauthenticated attacker to trigger a denial-of-service condition, and one flaw could also allow hackers to gain access to sensitive data.