Drinik malware returns, CISA unveils critical performance goals and rise in global data breaches
Drinik malware returns on Android targeting Indian banks, CISA announces cybersecurity performance goals for critical infrastructure and the rise in global data breaches. Catch all this and more in this week’s edition of Cybersecurity Weekly.
Phishing simulations & training
1. Drinik Android malware now targets users of 18 Indian banks
Drinik, the malware that has existed since 2016, has evolved into a sophisticated Android banking trojan. The new variant of Drinik comes in the shape of an APK with keylogging, screen recording, the ability to conduct overlay attacks, and abuse of Accessibility services. 18 Indian banks are affected by the malware, which impersonates the country’s Income Tax Department’s official app to steal users’ banking and personal information.
2. CISA unveils cybersecurity goals for critical infrastructure sectors
CISA (Cybersecurity and Infrastructure Security Agency) has issued a report highlighting baseline CPGs (cybersecurity performance goals) for critical infrastructure sectors. The CPGs are based on current cybersecurity guidance and frameworks, but also rely on real-world threats and adversary tactics observed by the agency and its partners. The development results from a July 2021 security memorandum, which tasked NIST and CISA with developing core cybersecurity practices for critical infrastructure.
3. Twilio hack investigation reveals second breach, as the number of affected customers rises
Messaging services provider Twilio disclosed that it experienced a second breach in June 2022 that saw hackers access customer contact information. The beach was carried out by the same adversary group that compromised Twilio again in August, the company said in an updated advisory shared last week. The June security incident saw the adversaries socially engineer an employee through voice phishing to provide their corporate credentials, enabling them to access contact data for a limited number of customers.
4. Data breaches rise by 70% globally in Q3 2022
A new study by cybersecurity company Surfshark reveals that the third quarter of 2022 saw a 70% rise in global data breaches compared to the previous quarter. Russia, France, Indonesia, the US, and Spain are the countries most affected by data breaches. While Russia led in terms of accounts compromised in each quarter of 2022, the United States remained the single most breached nation throughout the last decade.
5. Researchers report massive upgrade to Fodcha DDoS botnet
A new version of Fodcha, the DDoS botnet discovered by 360NetLab researchers in April 2022, has emerged, boasting new features to evade detection of its presence and ransom demands injected into its packets. The botnet’s latest version, Fodcha 4, leverages 42 C2 domains to run 60,000 active bot nodes daily, generating up to 1 Tbps of destructive traffic. Fodcha’s average number of targets has increased tenfold since April, reaching 1,000 daily victims compared to 100 per day in April.
Phishing simulations & training
In this Series
- Drinik malware returns, CISA unveils critical performance goals and rise in global data breaches
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
