Cybersecurity Digest #41: 3/01/2022 – 21/01/2022

24/06/2024

Cybersecurity Digest #41: 3/01/2022 – 21/01/2022

Cybersecurity news

  • EU to Stage Large-Scale Cyberattack Exercise on Supply Chains. The aim of the six-week exercise is to stress-test Europe’s resilience, strengthen preparedness and cooperation among member states, and improve the effectiveness of a joint response.
  • The research arm of Palo Alto Networks, revealed how attackers are using the service to carry out a supply chain attack to inject card skimming malware onto victim sites. Web skimming attacks occur when malicious script is injected into sites to steal information entered into web forms.
  • SentinelLabs has discovered a high severity flaw in the KCodes NetUSB kernel module used bya large number of network device vendors and affecting millions of end user router devices.
  • A Safari bug has surfaced, that can leak browsing history and information related to Google account. Apple’s browser, which is the default on macOS, iOS, and iPad OS has a security issue related to IndexedDB. This is an API that is used by websites to store data on the device, and uses the same-origin policy.
  • AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines.
  • VirusTotal, the popular online service for analyzing suspicious files, URLs and IP addresses, can be used to collect credentials stolen by malware, researchers at SafeBreach have found. With a €600 VirusTotal license, they have managed to collect more than 1,000,000 credentials just by executing simple searches with a few tools.
  • A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations has been discovered to be active since at least 2019, targeting over fifteen entities worldwide. The campaign was discovered by security researcher William Thomas, a Curated Intelligence trust group member, who employed OSINT (open-source intelligence) techniques like DNS scans and public sandbox submissions.

Cybersecurity Blog Posts

Research and analytics

  • Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. Operators of these campaigns hunt for corporate credentials, aiming to commit financial fraud or to sell them to other malicious actors.
  • Earth Lusca employs sophisticated infrastructure, varied tools and techniques. Trend Micro experts provided an in-depth look at Earth Lusca’s activities, the tools it employs in attacks, and the infrastructure it uses.
  • Hyperautomation, just-in-time infrastructure, and composable technologies are among the key trends infrastructure and operations (I&O) professionals can expect to see in the coming months, according to Gartner.
  • Check Point Research (CPR) reports that from mid-2020 throughout 2021, there has been an upwards trend in the number of cyber-attacks. This trend  reached an all-time high at the end of the year, peaking to 925 cyber attacks a week per organization, globally. Overall in 2021, researchers have seen 50% more attacks per week on corporate networks compared to 2020.
  • Malware targeting Linux-based operating systems, commonly deployed in Internet of Things (IoT) devices, have increased by 35% in 2021 compared to 2020, according to current CrowdStrike threat telemetry, with the top three malware families accounting for 22% of all Linux-based IoT malware in 2021.
  • A team of researchers from University of Arizona, University of South Florida and University of Georgia, USA, published Counteracting Dark Web Text-Based CAPTCHA with Generative Adversarial Learning for Proactive Cyber Threat Intelligence. According to their research, DW-GAN significantly outperformed the state-of-the-art benchmark methods on all datasets, achieving over 94.4% success rate on a carefully collected real-world dark web dataset.
  • Research And Markets has published a report «Zero-Trust Security – Global Market Trajectory & Analytics». Amid the COVID-19 crisis, the global market for Zero-Trust Security estimated at US$18.3 Billion in the year 2020, is projected to reach a revised size of US$64.4 Billion by 2027, growing at a CAGR of 19.7% over the period 2020-2027.
  • The global market for Network Security Sandbox estimated at US$4 Billion in the year 2020, is projected to reach a revised size of US$43 Billion by 2027, growing at a CAGR of 40.2% over the period 2020-2027 by Reasearch And Markets.
  • Check Point Research issued Q4 Brand Phishing Report, highlighting the leading brands that hackers imitated in attempts to lure people into giving up personal data. Twenty-three percent of all brand phishing attempts were related to DHL, up from just 9% in the previous quarter. The Microsoft brand, meanwhile, only accounted for 20% of all phishing attempts in Q4 versus 29% in Q3.

Major Cyber Incidents