The cyber headlines are once again crowded with news of attacks, patches, mergers, and data theft. Here are the top global cybersecurity updates of this week to help you keep abreast of the latest happenings in the cyber world, learn from the mistakes of others, adopt cybersecurity practices in advance, and keep your critical data from falling into the hands of cyber adversaries.
Chrome To Get An HTTPS-First Mode
Google is working on adding an HTTPS-First Mode to its Chrome web browser as an added security measure, to block adversaries from accessing or manipulating users’ web traffic. HTTPS-First Mode attempts to upgrade all webpages to HTTPS and warns users before loading a non-HTTPS site.
HTTPS-First Mode will be operational in Google Chrome 94 and is being tested in the Chrome 93 Canary preview releases for Windows, Android, Mac, Linux, and Chrome OS. Google’s latest protection measure aims to safeguard users from cyber threats such as man-in-the-middle attacks. Google is also working on securing HTTP webpages by restricting their web platform features.
Microsoft Has A Solution To Prevent Consent Phishing Attacks
How often do we grant permissions to a seemingly genuine app and later find that it has been spying on us and stealing our data? These are called consent phishing attacks, and lately their use has increased. Microsoft has introduced a new governance feature in Microsoft Cloud App Security to protect against such attacks, allowing system administrators and organizations to control which apps get permission on users’ devices.
The user consent settings in Azure Active Directory (Azure AD) allow administrators to block end users from granting consent to potentially risky apps. Microsoft recommends this security measure for organizations to remove cyber threats at their root.
Spanish Authorities Arrest 16 Cybercriminals
According to the Spanish law enforcement agency Guardia Civil, 16 suspects associated with the Brazilian banking trojans Mekotio and Grandoreiro have been arrested in Ribeira, Villafranca de Los Barros, Seseña, Parla, Aranda de Duero, Móstoles and Madrid. The authorities seized devices from the residences of the accused. They found that the suspects had over €276,470 (about $326,000) transferred to their bank accounts as part of the many cyberattacks linked to Mekotio and Grandoreiro.
The banking trojans Mekotio and Grandoreiro primarily attack Windows computers through spoofed emails that impersonate legitimate organizations. They remain hidden until the victim logs into their bank account and then steal the credentials. With the capacity to collect data from 30 different banks, these two trojans access e-banking portals and direct funds to the attackers’ accounts. In a typical attack, the victim’s computer would restart multiple times before access was finally blocked. Attacks culminate in the transfer of large amounts of money from victims’ accounts to multiple unknown accounts. This is now the second time in 2021 that Spanish authorities have made a bold arrest of cyberattackers and restored people’s belief in their cybersecurity measures.
Southeast Asian Users Beware Of APT Campaigns
A large-scale advanced persistent threat (APT) campaign with ties to LuminousMoth and HoneyMyte was recently uncovered. Cybersecurity experts reveal that the APT campaign has already targeted hundreds of Southeast Asians, including government entities from the Philippines and Myanmar.
Both these hacker groups launch wide-scale attacks aiming to land a small subset of suitable victims. While tracking the cyberespionage attacks of LuminousMoth, researchers discovered that the group had targeted over 1400 victims in the Philippines and over 100 in Myanmar since October 2020. LuminousMoth and HoneyMyte typically use spear-phishing emails containing malicious Dropbox download links to enter the victims’ systems. Once inside, the malware attempts to infect other systems using removable USB drives and previously stolen files.
China All Set To Implement New Cybersecurity Regulations
The Chinese government has recently released a new set of regulations that gives strict instructions for all vulnerability disclosure procedures in the country. Some of the controversial articles in these new regulations prevent cybersecurity researchers from disclosing the details of a vulnerability before the vendor has had enough time to fix the issues (time that adversaries also have to exploit them). The regulations further instruct researchers to report a bug to the state authorities within two days of spotting it.
In addition, the regulations make vendors chargeable if they fail to fix bugs and release patches on time. These new regulations will be operational from 1st September 2021, but work on them has been under way since 2017. Last week, Beijing officials released new cybersecurity laws requiring all companies with over a million users to undergo a security audit before listing their shares overseas.
Microsoft Fixes 117 Flaws In Its Patch Tuesday Updates For July
Microsoft’s Patch Tuesday updates are out, and this month’s update contains more patches than the last two months combined. A total of 117 security vulnerabilities were patched: 13 critical, 103 important, and one of moderate severity. Nine of these were zero-day vulnerabilities.
The updates apply to all Microsoft products: Exchange Server, Windows, Windows DNS, Bing, Visual Studio Code, Dynamics, Office, and Scripting Engine. The major security flaws patched in the July update are tracked as CVE-2021-34527, CVE-2021-31979, CVE-2021-33771, and CVE-2021-34448. The zero-day vulnerabilities include CVE-2021-34448, CVE-2021-34523, CVE-2021-33781, CVE-2021-33779, and CVE-2021-34492. If you haven’t updated your Microsoft apps and software yet, here is a quick reminder to do so at the earliest!
Romanian And Greek Police Make 8 Arrests
The Romanian and Greek police recently arrested eight cybercriminals from an organized crime group. These attackers had defrauded online shoppers of over $2.4 million and set up around 300 bank accounts in Poland, Spain, Hungary, the Netherlands, and Germany using fake IDs.
In their raids, the authorities seized mobile phones, $261,000 in cash, and travel documents from 30 locations. The cybersecurity experts revealed that the adversaries used phishing scams, fake advertisements, and fake payment and transport companies to trick unsuspecting users. The attackers also stored users’ personal details, bank and card information, and login credentials. This data was later circulated among the cybercriminals’ networks.