Cybersecurity Weekly: Social media phish, Polish hackers busted, Fortinet vulnerability
Phishing attacks target social network accounts. Polish police shut down a major group of hackers in the country. Fortinet VPN with default settings leaves 200,000 businesses open to hackers. All this, and more, in this week’s edition of Cybersecurity Weekly.
Should you pay the ransom?
1. Phishing attacks target social network accounts
Scammers are targeting social network accounts with phishing emails that pretend to be copyright violations or promises of account verification. These stolen accounts are then used for disinformation campaigns, cryptocurrency scams like the recent Twitter hacks or sold on underground markets.
Read more »
2. Polish police shut down major group of hackers in the country
Polish authorities dismantled a major hacker group that was involved in multiple cybercrime activities, including ransomware attacks, malware distribution, SIM swapping, banking fraud, running rogue online stores and making bomb threats at the request of paying customers.
Read more »
3. Fortinet VPN with default settings leaves 200,000 businesses open to hackers
Several new digital threats have capitalized on the health concern to exploit weaknesses in the remote work infrastructure and carry out malicious attacks. Now, over 200,000 businesses with the Fortigate VPN solution — with default configuration — are vulnerable to man-in-the-middle attacks.
Read more »
4. FinSpy spyware for Mac and Linux targets Egyptian organizations
Amnesty International exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with FinSpy spyware designed to target Linux and macOS systems. FinSpy, also known as FinFisher, can target both desktop and mobile operating systems to gain spying capabilities, including secretly recording webcams and microphones.
Read more »
5. Windows XP source code reportedly leaked online
The source code for Microsoft's 19-year-old operating system was published as a torrent file on the notorious bulletin board website 4chan. This marks the first time when source code for Microsoft's operating system has been leaked to the public. The torrent download also includes source code for various Windows 10 components and the operating system of the original Xbox.
Read more »
6. Instagram bug could've given hackers remote access to phones
Cybersecuirty researchers disclosed details about a critical vulnerability in Instagram's Android app that could have allowed remote attackers to take control over a targeted device just by sending victims a specially crafted image. The flaw lets attackers both perform actions on behalf of the user and execute arbitrary code on the device.
Read more »
7. New hacking group hitting Russian companies with ransomware
Last week, cybersecurity researchers uncovered a new group that has been actively trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers and software developers in Russia. The ransomware gang, codenamed OldGremlin, has been linked to a series of campaigns since March 2020.
Read more »
8. Microsoft disrupts nation-state hacker op using Azure Cloud service
In a report last week, Microsoft said that it disrupted operations of a nation-state threat group that was using its Azure cloud infrastructure for cyberattacks. Microsoft refers to the actor by the name Gadolinium and says that it's been active for about a decade targeting organizations in the maritime and health industry.
Read more »
9. Mount Locker ransomware joins the multi-million dollar ransom game
A new ransomware operation named Mount Locker is stealing victims' files before encrypting and then demanding multi-million dollar ransoms. Before encrypting files, Mount Locker will also steal unencrypted files and threaten victims that the data will be published if a ransom is not paid.
Read more »
Phishing simulations & training
10. Cisco fixes 34 High-Severity flaws in IOS and IOS XE software
Last week, Cisco released security patches for 34 high-severity vulnerabilities affecting its IOS and IOS XE software. Some of the issues can be exploited by a remote, unauthenticated attacker to trigger a denial-of-service condition, and one flaw could also allow hackers to gain access to sensitive data.
Read more »
In this Series
- Cybersecurity Weekly: Social media phish, Polish hackers busted, Fortinet vulnerability
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
