Cyber attacks, phishing, stalkerware, and malware such as Emissary Panda have been rampant. Attackers are taking advantage of vulnerabilities in organizations and even governments. Keep reading to find out more security news.
For more articles, check out our #onpatrol4malware blog.
COVID-19 Scam Roundup – Week of 3/16/20
Source: Tripwire
Malicious actors are increasingly leveraging COVID-19 as a theme for new digital fraud attacks. In February 2020, for instance, Action Fraud received 21 reports of fraud relating to the coronavirus. Read more.
WildPressure targets industrial-related entities in the Middle East
Source: Securelist
Kaspersky Threat Attribution Engine (KTAE) doesn’t show any code similarities with known campaigns, nor any target intersections. The researchers therefore consider the attacks to be targeted and have currently named this operation WildPressure. Read more.
‘Rare’ stalkerware emerges with targets around the world
An app that’s marketed as a solution to keep children safe online includes such aggressive functionality that cybersecurity researchers warn it’s possible for stalkers to monitor victims in a way that is “almost impossible to detect.” Read more.
VB2019 paper: Cyber espionage in the Middle East: unravelling OSX.WindTail
Source: Virus Bulletin
In this paper, we’ll comprehensively dissect OSX.WindTail.A, the first-stage macOS implant utilized by the WINDSHIFT APT group (which targeted individuals of a Middle-Eastern government). Read more.
How the Iranian Cyber Security Agency Detects Emissary Panda Malware
Source: Team Cymru
It has been previously publicised that the Chinese-attributed threat group, Emissary Panda, have been targeting various sectors in the Middle East, including government organisations. Read more.
TrickBot Bypasses Online Banking 2FA Protection via Mobile App
Source: Bleeping Computer
The TrickBot gang is using a malicious Android application they developed to bypass two-factor authentication (2FA) protection used by various banks after stealing transaction authentication numbers. Read more.
State-Backed Players Join Pandemic Cyber Crime Attacks
Source: SecurityWeek
Sophisticated state-supported actors are following cybercriminals in exploiting the coronavirus pandemic and posing an “advanced persistent threat” (APT), French defence technology giant Thales warned Monday. Read more.
Holy water: ongoing targeted water-holing attack in Asia
Securelist discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings. This campaign targets an Asian religious and ethnic group. Read more.
Crave the Data: Statistics from 1,300 Phishing Campaigns
Source: NCC Group
Targets in charities were found to be over 3 times more likely to click a link in a phishing attack than targets in the health sector. Once a user had clicked the link, half were likely to enter credentials regardless of what sector they worked in. Read more.