Co-founder and CEO, Ofofo.io
- Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants. Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) attack, Microsoft has revealed. "The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and follow-on BEC activity spanning multiple organizations," the tech giant disclosed in a Thursday
- New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies. Vietnamese public companies have been targeted as part of an ongoing campaign that deploys a novel backdoor called SPECTRALVIPER. "SPECTRALVIPER is a heavily obfuscated, previously undisclosed, x64 backdoor that brings PE loading and injection, file upload and download, file and directory manipulation, and token impersonation capabilities," Elastic Security Labs said in a Friday report.
- Hackers steal $3 million by impersonating crypto news journalists. A hacking group tracked as 'Pink Drainer' is impersonating journalists in phishing attacks to compromise Discord and Twitter accounts for cryptocurrency-stealing attacks.
- Strava heatmap feature can be abused to find home addresses. Researchers at the North Carolina State University Raleigh have discovered a privacy risk in the Strava app's heatmap feature that could lead to identifying users' home addresses.
- Apple's Safari Private Browsing Now Automatically Removes Tracking Parameters in URLs. Apple is introducing major updates to Safari Private Browsing, offering users better protections against third-party trackers as they browse the web. "Advanced tracking and fingerprinting protections go even further to help prevent websites from using the latest techniques to track or identify a user's device," the iPhone maker said.
- Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme. A previously undetected cryptocurrency scam has leveraged a constellation of over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021. "This massive campaign has likely resulted in thousands of people being scammed worldwide," Trend Micro researchers said in a report published last week, linking it to a Russian-speaking threat actor.
- Microsoft: Azure Portal outage was caused by traffic “spike”. Microsoft recently disclosed that an outage affecting the Azure Portal worldwide on Friday was primarily caused by a sudden "spike" in traffic. The tech giant shared this information in an update on the Azure status page.
- Critical FortiOS and FortiProxy Vulnerability Likely Exploited - Patch Now! Fortinet revealed on Monday that a recently patched critical vulnerability affecting FortiOS and FortiProxy might have been exploited in select attacks on government, manufacturing, and critical infrastructure sectors.
- Bulletproof hoster gets 3 years for pushing Ursnif, Zeus malware. Romanian Mihai Ionut Paunescu, aka "Virus," has been sentenced to three years in prison by a Manhattan federal court for operating a bulletproof hosting service that facilitated the spread of infamous malware like Gozi, Zeus, SpyEye, and BlackEnergy. Bulletproof hosting services offer cybercriminals a secure environment for illegal activities, assisting with technical support, encryption, and other tools. Paunescu's service led to significant propagation of these malware strains, causing worldwide harm. His sentencing represents a critical step in combatting cybercrime and signifies law enforcement's continued efforts against such threats.
- RDP honeypot targeted 3.5 million times in brute-force attacks. Cybercriminals, making over 37,000 daily hacking attempts, are increasingly exploiting remote desktop connections that provide access to computers and networks. These insecure connections can result in data theft and ransomware attacks, more so with the surge in remote work. To fortify against these threats, firms should use strong passwords, multi-factor authentication, and VPNs for encryption, monitor system logs, and train staff on safe remote connection practices. Proactive security measures are vital in preventing cyber attacks.
- Massive phishing campaign uses 6,000 sites to impersonate 100 brands. A brand impersonation campaign has been duping consumers into revealing sensitive information through fake websites mimicking popular clothing and apparel brands since June 2022. The scam could result in identity theft and financial losses. Consumers should verify website authenticity, use unique passwords, and enable multi-factor authentication. Businesses need to monitor their digital footprint, report fraudulent sites, and educate customers about scams to thwart these attacks.