Cybersecurity Weekly: Vaccine phish, firewall evasion, VMware authentication fix
Phishing attacks use vaccine surveys to steal personal info. Hackers are using a Windows OS feature to evade firewalls. VMware fixes an authentication bypass. All this, and more, in this week’s edition of Cybersecurity Weekly.
1. Phishing attacks use vaccine surveys to steal personal info
The U.S. Department of Justice warned of phishing attacks that use fake post-vaccine surveys to steal money from people or trick them into handing over their personal information. Attackers promise potential victims cash or prizes for filling out the fake surveys. Instead, they only harvest the personally identifiable information to fuel fraud schemes.
2. Hackers using a Windows OS feature to evade firewalls
A novel hacking technique uses Microsoft's Background Intelligent Transfer Service to deploy malicious payloads on Windows machines. Last year, hospitals, retirement communities and medical centers bore the brunt of an ever-shifting phishing campaign that distributed custom backdoors such as KEGTAP.
3. VMware fixes authentication bypass
VMware addressed a critical vulnerability in the VMware Carbon Black Cloud Workload appliance that could be exploited by attackers to bypass authentication. An attacker can manipulate a URL on the administrative interface of the VMware Carbon Black Cloud Workload appliance to bypass authentication.
4. Over $4 billion lost to cyber crime in 2020
In its 2020 Internet Crime Report, the FBI revealed that the Internet Crime Complaint Center received a record number of complaints from the American public in 2020. It received a total of 791,790 reports during the 12-month period, a 69% increase compared to 2019, with reported losses exceeding $4.1 billion.
5. Ransomware gang wanted $40 million in Florida schools cyberattack
Fueled by large payments from victims, ransomware gangs are demanding ridiculous ransoms from organizations that cannot afford to pay them. An example of this is a recently revealed ransomware attack on the Broward County Public Schools district where threat actors demanded a $40,000,000 payment.
6. Coinhive domain repurposed to warn visitors of hacked sites
7. Man charged with hacking water system and endangering lives
A 22-year-old man from Kansas has been indicted on charges that he fraudulently accessed a public water facility's computer system, jeopardizing the residents' safety and health in the local community. The threat actor used the compromised endpoint to shut down the cleaning and disinfecting processes at the facility.
8. Hackers set up a fake cybersecurity firm to target security experts
A campaign targeting cybersecurity researchers with malware re-emerged with new tactics in its arsenal as part of a fresh social engineering attack. The new website claims the company is an offensive security company located in Turkey that offers pentests, software security assessments and exploits.
9. 533 million Facebook users' personal data leaked online
Personal information associated with approximately 533 million Facebook users worldwide was leaked on a popular cybercrime forum for free. The data seems to have been obtained by exploiting a vulnerability that enabled automated scripts to scrape Facebook users' public profiles and associated private phone numbers.
10. A $5.7 million crypto heist sent social tokens into free fall
Last week, a hack sank the value of several social tokens minted and distributed on the social money platform, Roll. The WHALE, RARE and PICA currencies were all hit by more than 50% in price as an attacker made off with almost 3000 ETH, or about $5.7 million.