News – August 2020

  • Half of anti-malware products fail to recognize notable threats

    August 17, 2020

    Most popular, well-established cybersecurity solutions do not protect their users from all notable threats, according to new analysis from SE Labs. The security firm tested 14 of the world’s most popular cybersecurity solutions and, while products from Microsoft and Kaspersky Lab scored 100 percent, more than half failed to identify all threats. “While the numbers of ‘misses’ ...

  • How Unsecure gRPC Implementations Can Compromise APIs, Applications

    August 17, 2020

    Enterprises are turning to microservice architecture to build future-facing applications. Microservices allow enterprises to efficiently manage infrastructure, easily deploy updates or improvements, and help IT teams innovate, fail, and learn faster. It also allows enterprises to craft applications that can easily scale with demand. Additionally, as enterprises switch architectures — jumping from the traditional monolithic to ...

  • Business technology giant Konica Minolta hit by new ransomware

    August 16, 2020

    Business technology giant Konica Minolta was hit with a ransomware attack at the end of July that impacted services for almost a week, BleepingComputer has learned. Konica Minolta is a Japanese multinational business technology giant with almost 44,000 employees and over $9 billion in revenue for 2019. Read more… Source: Bleeping Computer  

  • Canada suffers cyberattack used to steal COVID-19 relief payments

    August 16, 2020

    Canadian government sites used to provide access to crucial services for immigration, taxes, pension, and benefits have been breached in a coordinated attack to steal COVID-19 relief payments. The online portal referred to as GCKey is acritical single sign-on (SSO) system used by the public to access multiple Canadian government services. Read more… Source: Bleeping Computer  

  • U.S. spirits and wine giant hit by cyberattack, 1TB of data stolen

    August 15, 2020

    Brown-Forman, one of the largest U.S. companies in the spirits and wine business, suffered a cyber attack. The intruders allegedly copied 1TB of confidential data; they plan on selling to the highest bidder the most important info and leak the rest. Headquartered in Louisville, Kentucky, the company holds world-known whiskey and scotch brands like Jack Daniel’s, ...

  • Benelux Virtual Cyber Security Summit Launches Online this September!

    August 14, 2020

    On 22nd-23rd September, the Benelux Virtual Cyber Security Summit will bring together hundreds of cyber security leaders from across Benelux’s core industries in a collaborative effort to strengthen their cyber security strategies and maintain resilience amid a landscape shaped by the pandemic. The interactive agenda is designed to revive, restore and re-connect the region’s cyber security ...

  • Online crime in Africa a bigger threat than ever before, INTERPOL report warns

    August 14, 2020

    Despite lower online connectivity, organized crime groups are using online tools for a range of illicit activities A new INTERPOL report on online organized crime in Africa shows how digitalization is transforming almost every major crime area across the continent. “Online crime now represents a bigger security issue for law enforcement in Africa than ever before,” reads ...

  • Patch List: Adobe, Citrix, Intel, and vBulletin Vulns

    August 14, 2020

    Vulnerabilities expose enterprises’ systems to compromise. Now that many employees are working from home and operating devices outside the more secure office environments, the need to patch vulnerabilities as soon as they are discovered has become even more pressing. Aside from Microsoft, the following vendors also released patches recently: Adobe, Citrix, Intel, and vBulletin. We rounded ...

  • 3rd Annual UKsec Virtual Cyber Security Summit Returns Online This September!

    August 14, 2020

    On 10th-11th September, the UKsec Virtual Cyber Security Summit will bring together hundreds of cyber security leaders from across the UK’s core industries in a collaborative effort to strengthen their cyber security strategies. According to IBM and Ponemon’s Cost of a Data Breach study, the average cost of a data breach for UK enterprises is $3.88 ...

  • U.S. Department of Justice: Global Disruption of Three Terror Finance Cyber-Enabled Campaigns

    August 13, 2020

    The Justice Department today announced the dismantling of three terrorist financing cyber-enabled campaigns, involving the al-Qassam Brigades, Hamas’s military wing, al-Qaeda, and Islamic State of Iraq and the Levant (ISIS). This coordinated operation is detailed in three forfeiture complaints and a criminal complaint unsealed today in the District of Columbia. These actions represent the government’s ...

  • FBI and NSA expose new Linux malware Drovorub, used by Russian state hackers

    August 13, 2020

    The FBI and NSA have published today a joint security alert containing details about a new strain of Linux malware that the two agencies say was developed and deployed in real-world attacks by Russia’s military hackers. The two agencies say Russian hackers used the malware, named Drovorub, was to plant backdoors inside hacked networks. Based on evidence ...

  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

    August 13, 2020

    Trend Micro has discovered an unusual infection related to Xcode developer projects. Upon further investigation, we discovered that a developer’s Xcode project at large contained the source malware, which leads to a rabbit hole of malicious payloads. Most notable in our investigation is the discovery of two zero-day exploits: one is used to steal cookies ...

  • CactusPete APT group’s updated Bisonal backdoor

    August 13, 2020

    CactusPete (also known as Karma Panda or Tonto Team) is an APT group that has been publicly known since at least 2013. Some of the group’s activities have been previously described in public by multiple sources. We have been investigating and privately reporting on this group’s activity for years as well. Historically, their activity has ...

  • RedCurl cybercrime group has hacked companies for three years

    August 13, 2020

    Security researchers have uncovered a new Russian-speaking hacking group that they claim has been focusing on the past three years on corporate espionage, targeting companies across the world to steal documents that contain commercial secrets and employee personal data. Named RedCurl, the activities of this new group have been detailed in a 57-page report released today ...

  • Internet Explorer and Windows zero-day exploits used in Operation PowerFall

    August 12, 2020

    In May 2020, Kaspersky technologies prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer and an elevation of privilege exploit for Windows. Unlike ...

  • Re­VoL­TE attack can decrypt 4G (LTE) calls to eavesdrop on conversations

    August 12, 2020

    A team of academics has detailed this week a vulnerability in the Voice over LTE (VoLTE) protocol that can be used to break the encryption on 4G voice calls. Named ReVoLTE, researchers say this attack is possible because mobile operators often use the same encryption key to secure multiple 4G voice calls that take place via ...

  • NHS hit with wave of scam emails at height of COVID-19 pandemic

    August 12, 2020

    NHS staff were hit with a wave of malicious email attacks at the height of the COVID-19 pandemic, with doctors, nurses and other key workers reporting over 40,000 spam and phishing attacks between March and the first half of July. Data from NHS Digital obtained through a Freedom of Information request sent by UK think tank, ...

  • Script-Based Malware: A New Attacker Trend on Internet Explorer

    August 11, 2020

    Over the past few months, we have detected sophisticated script-based malware through Internet Explorer (IE) browser exploits that infect Windows Operating System (OS) users. We decided to investigate those scripts to identify their key features to demonstrate that they are attractive for attackers and so could lead to a trend worth paying attention to. Indeed, with ...

  • August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild

    August 11, 2020

    The August batch of Patch Tuesday updates includes 120 updates for the Microsoft suite, with 17 fixes rated as Critical, and the remaining 103 ranked as Important. CVE-2020-1380 is a critical Internet Explorer (IE) vulnerability that can be abused for remote code execution (RCE), while CVE-2020-1464 is a Windows 10 security gap that can be ...

  • Avaddon ransomware launches data leak site to extort victims

    August 10, 2020

    Avaddon ransomware is the latest cybercrime operation to launch a data leak site that will be used to publish the stolen data of victims who do not pay a ransom demand. Since the Maze operators began publicly leaking files stolen in ransomware attacks, other operations soon followed suit and began creating data leak sites to publish ...