Cybersecurity Weekly: Vaccine phish, firewall evasion, VMware authentication fix

April 6, 2021 by Sam Fay

Phishing attacks use vaccine surveys to steal personal info. Hackers are using a Windows OS feature to evade firewalls. VMware fixes an authentication bypass. All this, and more, in this week’s edition of Cybersecurity Weekly.


1. Phishing attacks use vaccine surveys to steal personal info

The U.S. Department of Justice warned of phishing attacks using fake post-vaccine surveys to steal money from people or trick them into handing over their personal information. Attackers promise potential victims cash or prizes for filling out the fake surveys. Instead, they only harvest the personally identifiable information to fuel fraud schemes.


2. Hackers using a Windows OS feature to evade firewall

A novel hacking technique finds ways to use Microsoft’s Background Intelligent Transfer Service to deploy malicious payloads on Windows machines. Last year, hospitals, retirement communities and medical centers bore the brunt of an ever-shifting phishing campaign that distributed custom backdoors such as KEGTAP.

3. VMware fixes authentication bypass

VMware addressed a critical vulnerability in the VMware Carbon Black Cloud Workload appliance that could be exploited by attackers to bypass authentication. An attacker can manipulate a URL on the administrative interface of the VMware Carbon Black Cloud Workload appliance to bypass authentication.

4. Over $4 billion lost to cyber crime in 2020

In its 2020 Internet Crime Report, the FBI revealed that the Internet Crime Complaint Center received a record number of complaints from the American public in 2020. It received a total of 791,790 reports during the 12-month period, a 69% increase compared to 2019, with reported losses exceeding $4.1 billion.


5. Ransomware gang wanted $40 million in Florida schools cyberattack

Fueled by large payments from victims, ransomware gangs are demanding ridiculous ransoms from organizations that cannot afford to pay them. An example of this is a recently revealed ransomware attack on the Broward County Public Schools district where threat actors demanded a $40,000,000 payment.


6. Coinhive domain repurposed to warn visitors of hacked sites

After taking over the domains for the notorious Coinhive in-browser Monero mining service, a researcher is now displaying alerts on hacked websites that are still injecting the mining service’s JavaScript. While Coinhive was used legitimately in a few cases, the majority of the time it was used to illegally mine cryptocurrency without a user’s permission.


7. Man charged with hacking water system and endangering lives

A 22-year-old man from Kansas has been indicted on charges that he fraudulently accessed a public water facility’s computer system, jeopardizing the residents’ safety and health in the local community. The threat actor used the compromised endpoint to shut down the cleaning and disinfecting processes at the facility.


8. Hackers set up a fake cybersecurity firm to target security experts

A campaign targeting cybersecurity researchers with malware re-emerged with new tactics in its arsenal as part of a fresh social engineering attack. The new website claims the company is an offensive security company located in Turkey that offers pentests, software security assessments and exploits.


9. 533 million Facebook users’ personal data leaked online

Personal information associated with approximately 533 million Facebook users worldwide was leaked on a popular cybercrime forum for free. The data seems to have been obtained by exploiting a vulnerability that enabled automated scripts to scrape Facebook users’ public profiles and associated private phone numbers.


10. A $5.7 million crypto heist sent social tokens into free fall

Last week, a hack sank the value of several social tokens minted and distributed on the social money platform, Roll. The WHALE, RARE and PICA currencies were all hit by more than 50% in price as an attacker made off with almost 3000 ETH, or about $5.7 million.
