Cybersecurity Bi-weekly Roundup: Week of 1st December
A cybersecurity bi-weekly roundup of the latest cybersecurity news and research!
We're halfway through the week, and we've got you covered till the weekend with all the nitty-gritty from the world of cybersecurity!
1. GoDaddy Hacked, 1.2M Customers at Risk of Phishing Attack
Breach notification: this time the target was GoDaddy. Nearly 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed, which can in turn lead to phishing campaigns that trick customers into revealing their sensitive credentials. The lesson we should all take from this incident: “Regardless of how powerful your security stack is, your organization will still be helpless against interruptions coming from compromised credentials.”
2. IKEA hit by a cyber attack that uses stolen internal reply-chain emails
Insider threats are an age-old issue, but they are just as prevalent today. This time the insider threat was targeting IKEA. Insider threats represent the primary vector for 60 percent of data breaches, and to protect themselves fully, organizations must scrutinize the threats walking through their door. No organization should treat insider threats as something that doesn’t exist. Internal traffic needs to be scanned in the same way as anything arriving from the external perimeter.
3. Perswaysion Phishing Kit From the Past Continues to Hit Targets Actively
This phishing kit has been circulating freely since 2017 and has impacted almost every sector. It has customers all over the world, and [attackers] are targeting whoever they want; there is no end in sight, as the kit is still spreading its tentacles across borders and sectors. Many insights are yet to be disclosed. Now you see why it is important for all of us to make our security proactive.
4. Ransomware Phishing Emails Sneak Through SEGs
Themes are no longer restricted to parties; cybercriminals are taking them to heart too. As the cloud continues to grow, saved passwords become a key attack vector, as they can often grant large amounts of access with little to no security controls. Secure Email Gateways (SEGs) alone do not seem to be enough to protect you from phishing emails, as threat actors are using legitimate cloud services to conduct phishing campaigns. This ransomware campaign has been observed combining several tricks to bypass SEG protection.
5. Apple Sues Israel’s NSO Group for Spying on iPhone users with Pegasus Spyware
Intentions can take a turn in the blink of an eye. NSO Group said its tools were made to target terrorists and criminals, but it seems we were being deceived, as the tools have allegedly also been used on activists, politicians, and journalists. Hence, Apple is suing Israeli spyware firm NSO Group and its parent company for allegedly targeting iPhone users with a hacking tool. NSO’s Pegasus software can infect both iPhones and Android devices, allowing operators to extract almost everything on your phone, including messages, photos, and emails, to record calls, and even to secretly activate microphones and cameras.
6. New malware ‘SharkBot’ attacking banking apps on Android phones
It looks like cybercriminals are upping their game by giving unique names to Trojans. The ‘SharkBot’ botnet is taking a bite out of the mobile banking system. Banks will continue to be a prime target for cybercriminals using a variety of attacks and techniques, as these bring a lot of financial gain to the attacker and financial loss to the targets. Here is a piece of advice from our end: “Remember, finding ways to test your environments, enacting policies, and encouraging good cyber hygiene practices with your teams are key in the fight against cyberattacks.”
7. Python Packages Stealing Discord Tokens and More
Python can be dangerous to humans and to software. Recently, there has been news about malware attacks on the popular repositories PyPI and RubyGems. These days developers assume that repositories are secure and hence blindly trust and install packages. Sometimes malicious packages are allowed to be uploaded to the package repository, giving malicious actors the opportunity to use repositories to distribute viruses and launch successful attacks on both developers and the pipeline.
8. The Cybersecurity Bi-weekly roundup ends with “Hackers Exploiting zero-day Vulnerability in Windows Installer”
Attackers are attempting to exploit the major security vulnerability in the new Windows Installer. The powerful version of the zero-day flaw, for which Microsoft released a patch earlier this month, can be actively exploited. Because the security hole was not properly fixed by the update, it led to a vulnerability that can potentially allow arbitrary code execution on systems that received the patch. Major institutions, organizations, and businesses are more at risk from zero-day flaws, as they can cause real damage and havoc on systems and networks. Code execution on a compromised system can lead to data exfiltration or malware deployment.