Threat Source newsletter (May 19, 2022) — Why I'm missing the days of iPods and LimeWire
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. I will openly admit that I still own a “classic” iPod — the giant brick that weighed down
New Robo-Dialing Campaign Lets Users Prank Call Russian Bureaucrats
If you want to prevent Russian officials from performing their government duties, there’s a website that can fulfill your desire. What is WasteRussianTime.today? A group of hacktivists going by the
CISA Issues Emergency Directive for VMware Vulnerabilities
Federal agencies have until May 23 to mitigate the vulnerabilitiesRead More: https://www.infosecurity-magazine.com/news/cisa-emergency-directive-vmware/
Ransomware Targets Higher Education Institutions
Higher education institutions may be regarded as out-of-scope targets for ransomware operators, however, the trends show that things are quite the opposite. Three distinct colleges have been hit with ransomware.
Cyberattacks and misinformation activity against Ukraine continues say security researchers
The cyber offensive against Ukraine continues with malware attacks and the spread of misinformation, according to security researchers. So far, Russian, pro-Russian, and Belarusian cyberattackers have employed the most comprehensive
Innovative Tech Solutions Will Transform the Way We Use Data
All the world collects information, but few businesses know how to use it truly effectively. Gathering data is the easy—and inexpensive—part. What’s harder is determining how to analyze the information
Mandiant: Belarusian disinformation operation pushes phony organ harvesting tale
Written by AJ Vicens May 19, 2022 | CYBERSCOOP A hacking group associated with the government of Belarus and aligned with Russian interests “leveraged compromised assets” to push a false
Microsoft President: Cyber Space Has Become the New Domain of Warfare
Brad Smith argues that the Russia-Ukraine war marks significant shift in way warfare is conductedRead More: https://www.infosecurity-magazine.com/news/microsoft-cyberspace-domain-warfare/
Apple spits at Facebook, Google and, oh, the whole internet really
She’s shocked, I tell you. So shocked. Screenshot by ZDNet Does Apple really care about you? Overall, though, the company has done an excellent job of positioning itself as the
Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover
Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites. A critical privilege escalation flaw found in two themes used by more than 90,000
This Russian botnet does far more than DDoS attacks – and on a massive scale
An investigation into the Fronton botnet has revealed far more than the ability to perform DDoS attacks, with the exposure of coordinated inauthentic behavior “on a massive scale.” On Thursday,
FSB's Fronton DDoS tool was actually designed for widespread 'massive' fake info campaigns, researchers say
Written by AJ Vicens May 19, 2022 | CYBERSCOOP In March 2020, a Russian hacktivist group published a dozen documents showing that the Russian Federal Security Service was seeking technology
Attackers Can Unlock Tesla Cars and Smart Devices by Exploiting Bluetooth Flaws
Research reveals that cars, homes, and personal data of those depending on Bluetooth proximity authentication mechanisms to protect their smart devices are at risk. The IT security researchers at Manchester,
Specialists Spend a Lot of Time Fixing Security Flaws that Could Have Been Prevented
Security flaws frequently appear during the software development process and then reappear after an application has been deployed. The upsetting part is that in many cases, with the suitable approaches
Jupiter Plugin Vulnerabilities Enable Hackers to Hijack Websites
Privilege escalation is a malicious tactic to misuse an app or OS issue or configuration problem to get unauthorized access to sensitive information by taking over a user’s account that would
Bitdefender Threat Debrief | May 2022
MDR Insights The MDR intelligence cell recognizes the threat that comes with homograph domains used in phishing attacks. Our monitoring looks for homograph activity targeting the MDR customer base. Although
Bad Bots Swarm the Internet in Record Numbers in 2021
Account takeover attacks surge as a resultRead More: https://www.infosecurity-magazine.com/news/bad-bots-internet-record-numbers/
Patch these vulnerable VMware products or remove them from your network, CISA warns federal agencies
Companies should immediately patch or remove VMware products affected by newly disclosed critical flaws, warns the US Cybersecurity and Infrastructure Security Agency (CISA). The drastic measure of removing the products
What Is a Supply Chain Attack?
A supply chain attack, also sometimes called value chain, third-party attack, or backdoor breach is when threat actors hack an organization’s supplier or third-party vendor that has access to a
Half of IT Leaders Store Passwords in Shared Docs
Many aren’t following the advice of their own training programsRead More: https://www.infosecurity-magazine.com/news/it-leaders-passwords-shared-docs/
Ransom Demands Surge 45% in 2021
Double extortion now the norm, says Group-IBRead More: https://www.infosecurity-magazine.com/news/ransom-demands-surge-45-in-2021/
Detect Azure AD Hybrid Cloud Vulnerabilities
Trend Micro – Detect Azure AD Hybrid Cloud Vulnerabilities Workload Security AADInternals is a PowerShell module widely used by administrators for administering Azure Active Directory (AD) and Microsoft 365 –
Water companies are increasingly uninsurable due to ransomware, industry execs say
Written by Suzanne Smalley May 18, 2022 | CYBERSCOOP More water companies are finding they are uninsurable as ransomware attacks against the sector grow, water utility and association executives said
US Warns Firms About North Korean Hackers Posing as IT Workers
US government has warned organizations to beware of hackers in the guise of IT freelancers claiming to be non-DPRK (Democratic People’s Republic of Korea) nationals. According to an advisory issued by the
Why you should install iOS 15.5 now
Written by Adrian Kingsley-Hughes, Contributor Adrian Kingsley-Hughes Contributor Adrian Kingsley-Hughes is an internationally published technology author who has devoted over two decades to helping users get the most from technology
New research identifies poor IAM policies as the greatest cloud vulnerability
Written by CyberScoop Staff May 18, 2022 | CYBERSCOOP Misconfigurations continue to be the leading cause of most cloud security incidents — many of those as a result of poorly written
Top Data-Driven Methods for Improving Your Investment Decisions
From location quotient geography formula to AI (Artificial Intelligence) investing, leveraging technology to generate higher returns is one of the best ways to ensure your investment efforts result in success.
U.S. recovers millions from infamous '3ve' advertising scam group
Written by Tonya Riley May 18, 2022 | CYBERSCOOP The U.S. government recovered more than $15 million in proceeds from a global advertising scheme that cost businesses in the U.S.
Pharmacy Giant Hit By Data Breach Affecting 3.6 Million Customers
Pharmacy retailer Dis-Chem announced that an unauthorized party gained access to its customer databaseRead More: https://www.infosecurity-magazine.com/news/pharmacy-giant-data-breach/
Personal Information of Nearly Two Million Texans Exposed
The leak was caused by a programming issue at the Texas Department of InsuranceRead More: https://www.infosecurity-magazine.com/news/personal-information-two-million/
DOJ Says Doctor is Malware Mastermind
The U.S. Department of Justice indites middle-aged doctor, accusing him of being a malware mastermind. On Monday, the U.S. Attorney’s Office for the Eastern District of New York revealed criminal
Electron Bot Malware is disseminated via Microsoft’s Official Store and is capable of controlling social media apps
A recent malware disseminated via Microsoft’s official store and dubbed Electron Bot is capable of taking control over social media applications and infected around 5,000 machines around the globe. Electron
APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days
Research indicates that organizations should make patching existing flaws a priority to mitigate risk of compromise. Most advanced persistent threat groups (APTs) use known vulnerabilities in their attacks against organizations,
April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell
Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild. Recently reported VMware bugs are being used by hackers who are
The Growing Threat of Ransom DDoS Attacks Requires Effective Prevention and Mitigation
Essentially, ransom DDoS attacks are just DDoS with a ransom demand but a sudden increase in these attacks is no Bueno and bad for business. The latest edition of the
Critical Privilege Escalation Vulnerability in Jupiter and JupiterX Premium Themes
WordFence – On April 5, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a set of vulnerabilities in the Jupiter and JupiterX Premium themes and the
AcidRain Malware Shuts Down Thousands of Modems in Ukraine
Security Intelligence – AcidRain Malware Shuts Down Thousands of Modems in Ukraine Home / News AcidRain Malware Shuts Down Thousands of Modems in Ukraine Share On Thursday, February 24, a cyber
The BlackByte ransomware group is striking users all over the globe
News summary Cisco Talos has been monitoring the BlackByte Ransomware Group for several months, infecting victims all over the world, from North America to Colombia, Netherlands, China, Mexico and Vietnam.
Google: These 'curated' open-source packages will improve software supply chain security
Google aims to boost software supply chain security with an initiative that promises to offer enterprise open-source software users access to the same secure packages used by its own developers
Millions of Cyberattacks Are Targeting Tatsu WordPress Plugin
Tatsu Builder is a popular plugin that integrates very effective template modification tools directly into the user’s web browser. What Happened? Hackers are making extensive use of a remote code
Top 10 Attack Vectors Most Exploited by Hackers Revealed
Various national cybersecurity authorities have recently published a joint advisory that discloses what are the top 10 attack vectors most exploited by cybercriminals. Cyber actors routinely exploit poor security configurations
UK Government: Lack of Skills the Number One Issue in Cybersecurity
Andrew Elliot from DCMS provides an update on government initiatives to boost cybersecurity talent pipelineRead More: https://www.infosecurity-magazine.com/news/government-skills-one-cybersecurity/
Malicious PHP Code Used to Steal Banking Information, FBI Said
The law enforcement agency has issued an alert that malicious actors are scraping credit card information from the checkout pages of American companies’ websites. As of January 2022, unidentified cyber
FBI and NSA say: Stop doing these 10 things that let the hackers in
Cyber attackers regularly exploit unpatched software vulnerabilities, but they “routinely” target security misconfigurations for initial access, so the US Cybersecurity and Infrastructure Security Agency (CISA) and its peers have created
Digital Skimming is Now the Preserve of Non-Magecart Groups
Commodity kit invites new entrants into the marketRead More: https://www.infosecurity-magazine.com/news/digital-skimming-non-magecart/
Western Allies Warn of Top Cyber-Attack Mistakes
Poor cyber-hygiene to blame for many compromisesRead More: https://www.infosecurity-magazine.com/news/western-allies-warn-of-top/
Wizard Spider hackers hire cold callers to scare ransomware victims into paying up
Researchers have exposed the inner workings of Wizard Spider, a hacking group that pours its illicit proceeds back into the criminal enterprise. On Wednesday, PRODAFT published the results of an
Police Warn of £15m Courier Scams
Blend of phone and face-to-face fraud targets vulnerableRead More: https://www.infosecurity-magazine.com/news/police-warn-of-15m-courier-scams/