Cybersecurity is a highly dynamic arena. For most security managers and IT admins, getting through each day without having their organization’s information assets attacked by cyber adversaries is nothing less than a challenge! Imagine how challenging it is for regular internet users to keep their PII (Personally Identifiable Information) from falling into the hands of cyber adversaries, who can then use it for various nefarious purposes. This is what makes it crucial to stay updated on the latest cyber news, so that you remain a step ahead of malicious actors and keep your crucial information assets as secure as possible. Here are this week’s headlines with global updates on cybersecurity.
Dynamite Phishing Attacks Have A 974% Surge
A recent study suggests that Business Email Compromise (BEC) attacks have increased by over 974 percent. These attacks use suggestive materials and mainly target working professionals. A typical dynamite phishing email addresses the victim by name and implores them to click on an embedded link. These emails aim to scare the victim or make them panic so that they lose the ability to make sensible choices.
The links embedded in such emails usually redirect users to a fake website to steal their information, download malware, or spy on them for a follow-up attack. Additionally, the adversaries use email pass-through to trick their victims, which means that clicking on an embedded link in the phishing email automatically sends the email address to the linked site. With phishing attacks surging at such an alarming rate, it is vital for stakeholders to (re)consider their cybersecurity strategies.
Update Your Adobe Software Immediately
If you are a loyal user of Adobe’s products, you should update all your apps immediately. The Adobe Patch Tuesday rollout for June discloses and fixes some significant vulnerabilities in its software products. The top products among these are Adobe Acrobat and Reader, Adobe Creative Cloud Desktop Application, Adobe Photoshop, Adobe Experience Manager, Adobe Connect, and Adobe Robohelp Server.
The Adobe Acrobat and Reader update fixes five memory corruption vulnerabilities that could lead to remote code execution attacks. Hence, users must prioritize installing this patch. Even if you think that your organizational cybersecurity tools can detect such bugs and protect you, you must still not let your guard down: with these vulnerabilities, the adversaries can take complete control of your Windows or macOS machine with little or no action on your part. The risk is even greater for unpatched machines!
FBI Warns Of BEC Attacks Targeting Construction Companies
Business email compromise (BEC) attacks frequently impersonate construction companies to redirect payments from private sector companies, warns the FBI. The FBI’s latest update asks private sector companies to take email security measures as such scams have already targeted many US critical infrastructure sectors. Such attacks have increased since March this year, costing millions of dollars to victims.
The adversaries use the results of Google searches about construction companies to impersonate them, and then create a fake website using legitimate logos and graphics. These become the threat actors’ weapons for targeting the public and private sector clients of these construction companies. The end goal is to redirect all pending and future payments to a new bank account linked to the attacker(s).
Are Financial Apps Really Protecting Your Confidential Information?
Ever since the outbreak of the COVID-19 pandemic, the use of financial apps and mobile contactless payments has increased. However, a recent study indicates that over 77% of financial apps have at least one critical or high-severity vulnerability. Furthermore, while the use of such financial applications has increased by 49%, there has been a simultaneous rise of 118% in attacks on payment, lending, banking, and trading apps.
Cryptographic issues are the predominant cybersecurity threats for 88% of the analyzed apps from the US, EU, UK, India, and Southeast Asia. Failing a cryptographic test means that the adversaries can easily break through the encryption of these apps and expose sensitive payment and customer data. The take-away from this study is that strengthened cybersecurity practices must accompany the growing use of financial apps.
Malware Backdoor Victory Used Against A Southeast Asian Government
The Chinese APT group SharpPanda is using a malware backdoor called Victory to target a Southeast Asian government. Exploiting older vulnerabilities in Office security, the adversaries are sending spear-phishing emails to various employees of the government entity. These spoofed emails carry malicious Word documents that are used to gain initial access. These documents download .RTF files onto the victims’ devices and ultimately install the backdoor malware Victory.
Despite its positive-sounding name, Victory steals information and enables the adversaries to access the infected device. Its other malicious operations include manipulating files, taking screenshots, collecting data on top-level opened windows, and shutting down the computer. The malware can also access CD-ROM drive data, TCP/UDP tables, registry key information, etc. Since malware and other cybersecurity threats continue to pose a severe risk for governments and national security, enough caution must be adopted at an enterprise level to protect against these threats.
Intel Fixes 73 Vulnerabilities
The June 2021 patch release from Intel addresses 73 security vulnerabilities, including some high severity vulnerabilities affecting Intel’s Security Library and the BIOS firmware for Intel processors. Intel disclosed these 73 vulnerabilities across 29 security advisories. It says that its internal proactive security researchers discovered 55% of the detected vulnerabilities. Anyone who wishes to see the list of fixed vulnerabilities should go through these security advisories.
The significant fixes include those for five high severity vulnerabilities in the Intel Virtualization Technology for Directed I/O (VT-d) products, the Intel Security Library, and the BIOS firmware for Intel processors. In addition, eleven other high severity security vulnerabilities were fixed in Intel Driver and Support Assistant (DSA), Intel NUCs, Intel RealSense ID, Intel Thunderbolt controllers, Intel Field Programmable Gate Array (FPGA) Open Programmable Acceleration Engine (OPAE) driver for Linux, etc. Intel advises all users to install patches for the affected products as soon as possible.