Cybersecurity news
- A newly discovered Linux malware known as Symbiote infects all running processes on compromised systems, steals account credentials, and gives its operators backdoor access.
- Surfshark announced it is shutting down its VPN services in India in response to the country's new requirements that all providers keep customer logs for 180 days.
- Several US federal agencies today revealed that Chinese-backed threat actors have targeted and compromised major telecommunications companies and network service providers to steal credentials and harvest data.
- A critical Windows zero-day vulnerability, known as Follina and still waiting for an official fix from Microsoft, is now being actively exploited in ongoing phishing attacks to infect recipients with Qbot malware.
- Check Point Research’s cybersecurity experts discovered a vulnerability in LTE modem firmware based on Chinese UNISOC chipsets, which are commonly used in budget smartphones. In theory, attackers could block devices from connecting to cellular networks.
- Atlassian has warned of a critical unpatched remote code execution vulnerability impacting Confluence Server and Data Center products that it said is being actively exploited in the wild.
Cybersecurity Blog Posts
- Zeljka Zorz, Editor-in-Chief at Help Net Security, explained in her article that Microsoft Office apps are vulnerable to IDN homograph attacks.
- Andy Ellis, Operating Partner at YL Ventures, shared CISO insights into the 2022 cybersecurity landscape.
- Paul Ducklin described an active adversary scenario based on Sophos report data: what really works for the cybercrooks when they initiate an attack, what sort of things they do once they’ve broken in, and how long they tend to stick around in your network once they’ve created a beachhead.
Research and analytics
- Truecaller announced research conducted in partnership with The Harris Poll in March of 2022. The findings detail trends and insights on the impact of spam and phone scams that have increasingly permeated the U.S. over the last 12 months. The study estimates that a staggering $39.5 billion was lost to phone scams this past year.
- Recorded Future announced its report "Chinese Cybercrime in Neighboring Countries", which examines cybercrimes perpetrated by Chinese-speaking threat actors in countries neighboring China over the last year. In particular, it pertains to the theft and sale of personally identifiable information (PII), cross-border gambling and money laundering, e-commerce and online romance scams, and possible advanced persistent threat (APT) actors engaging in cybercrime.
- Sophos has just launched the State of Ransomware in Healthcare 2022 report, which reveals a growing ransomware attack rate on healthcare, resulting in an increasingly tough, broader threat environment for this sector. The study also focuses on the rapidly evolving relationship between ransomware and cyber insurance in healthcare, highlighting how often and how much ransom was paid out by insurance providers against claims by healthcare.
- EfficientIP has announced the findings of its eighth annual 2022 Global DNS Threat Report, conducted by IDC, which reveals the damaging impact Domain Name System (DNS) attacks have had on global organizations’ operations over the past 12 months. The results show that 88% of organizations have experienced one or more DNS attacks on their business. Each successful attack costs the business, on average, $942,000.
- The Intigriti Ethical Hacker Survey 2022 is now available, highlighting how ethical hacking continues to grow as a popular career choice for all levels of security experts. The world of ethical hacking belongs to a young community, with 73% of the respondents interviewed falling under the age of 30. 96% of ethical hackers would like to dedicate more time to bug bounty hunting in the future and 66% are considering it as a full-time career.
- The Zscaler ThreatLabz 2022 Ransomware Report reveals a record number of attacks and nearly 120% growth in double extortion ransomware. Manufacturers are the most targeted for the second year in a row; healthcare sees the biggest jump in ransomware attacks, with a nearly 650% increase.
- This year’s 15th installment of the Verizon Data Breach Investigations Report (DBIR) features yet another impressive dataset of corporate breaches and exposures marked by an overriding postulate: attack surfaces matter and they should dictate a large portion of your risk assessment strategy. According to the DBIR, up to 13% of breaches are caused by some sort of error or misconfiguration event, with misconfigured cloud storage instances leading the trend.
Major Cyber Incidents
- An illicit online marketplace known as SSNDOB was taken down. It trafficked in personal information such as names, dates of birth, credit card numbers, and Social Security numbers of about 24 million individuals in the U.S., generating its operators $19 million in sales revenue.
- The municipality of Palermo in Southern Italy suffered a cyberattack, which appears to have had a massive impact on a broad range of operations and services for both citizens and visiting tourists.
- Two American gun shops, Rainier Arms and Numrich Gun Parts, that operate e-commerce sites have disclosed data breaches resulting from card skimmer infections on their sites.
- Shields Health Care Group suffered a data breach that exposed the data of approximately 2,000,000 people in the United States after hackers breached its network and stole data.
- The U.S. Federal Trade Commission says over 46,000 Americans have reported losing more than $1 billion worth of cryptocurrency to scams between January 2021 and March 2022.