Cyber attacks account for some of the most significant financial losses across industries annually. The following cybersecurity incidents shall leave you baffled and with an urge to expedite your organization’s security strategies.

Newest Google Fuzzer Atheris To Identify Bugs In Python Codebase

Google fuzzing tools like ClusterFuzz, OSS-Fuzz, Fuzzilli, Syzkaller, and BrokenType have successfully discovered bugs in C or C++ applications since 2013. However, a similar fuzzer was missing for the widely used Python codebase. Google’s cybersecurity experts have now filled that gap. They have open-sourced an automated fuzzing utility called Atheris, which shall enable developers to find security bugs in Python 3.8, CPython extensions, Python 2.7, and Python 3.3+.

Atheris is Google’s attempt to look for vulnerabilities in the programming language Python and patch them well in advance. Like its other cybersecurity tools, Google plans to increase the efficacy of Atheris by adding support for its fuzz tests on OSS-Fuzz. This platform has been highly successful in the identification of bugs over the years.

The 2016 Dyn Attacker Pleads Guilty

Weeks ahead of the 2016 US Presidential Elections, a group of juvenile attackers had launched a DDoS attack on the internet infrastructure company Dyn and other sites like Spotify, Reddit, Netflix, and Twitter. Four years after the incident, a defendant has pleaded guilty before the US Department of Justice. The sentence has been scheduled for 7th January 2021 and shall see the hackers pleading guilty for computer fraud.

The attackers used the Mirai botnet for the Dyn attack, the creators of which are already under trial. Such instances of the bad guys getting penalized seem to rekindle our faith in the system.

$1 Trillion Lost To Cyberattacks Last Year

A harrowing study by McAfee and CSIS reveals that over $1 trillion was lost to cybersecurity incidents in 2019. The alarming rate of loss was caused by changing attack trends, where cyber adversaries have shifted from attacking individual systems to attacking organizations as a whole. McAfee’s CTO Steve Grobman feels that it’s high time for enterprises to take email security services seriously. A cyber attack has far more dimensions to it than the apparent financial losses. An attack is usually followed by indefinite system downtime, loss of potential business, and goodwill damage, along with other re-establishment costs such as investigating the attack, responding to it, notifying the involved individuals and corporations, taking remedial measures, etc.

McAfee remarks that around 75% of all cyberattacks in 2019 were targeted at financial theft. No organization can any longer claim that its network is secure, because recent trends indicate the exploitation of credentials already available on the dark web to break through newer company environments. The McAfee study suggests that email security as a service is no longer a choice but a necessary investment for enterprises across all industries.

Molerats Suspected Of Launching Cyber-Espionage On Middle-Eastern Politicians

Cybersecurity researchers at Cybereason suspect the APT group Molerats of targeting government officials and high-ranking political figures in a new cyber-espionage campaign that exploits social media and cloud platforms. The group is known for its politically motivated attacks, and the Spark and Pierogi backdoor attacks on Palestinian officials are just one example.

The latest cyber-espionage campaign uses MoleNet (a downloader) and SharpStage and Dropbox (backdoors) to steal sensitive data using the Facebook, Dropbox, Google Docs, and Simplenote applications installed on the victims’ computers. Attackers also employed the backdoor Spark and the open-source Quasar RAT – both used by Molerats in the past.

Yet another nerve-racking method employed by the adversaries for espionage is email phishing. The use of political events for launching attacks isn’t unusual, but issuing command and control instructions from reputed social media and cloud platforms is what clouds the efficacy of modern-day cybersecurity tools.

Sidewinder Uses Territory Disputes To Target South Asian Countries

The APT group SideWinder has used the latest territory disputes between India, China, Nepal, and Pakistan to launch phishing and malware attacks on the nations. However, this campaign’s prime targets are military governments and units in Nepal and Afghanistan, such as the Nepali Army, Nepali Ministries of Defense and Foreign Affairs, Sri Lankan Ministry of Defense, Presidential Palace in Afghanistan, and the Afghanistan National Security Council.

The adversaries create spoofed webmail login pages that look exactly like the legitimate ones and steal victims’ credentials. The victims are then redirected either to the actual login page or to news articles on Covid 19 and other political aspects. Furthermore, SideWinder also sends victims phishing emails embedded with a malicious backdoor aimed at cyberespionage. They also plan to use a mobile app to exfiltrate sensitive data from wireless devices. Since most of SideWinder’s email lures revolve around currently relevant topics such as Coronavirus or international disputes, cybersecurity researchers advise organizations and users to remain vigilant and take the necessary ransomware protection measures.

Cyberattack Targets European Medicines Agency

The CISO at Johnson & Johnson recently said that companies like hers (engaged in finding a vaccine for Covid 19) are targeted by state-sponsored cyber attackers every minute of every day. The latest addition to this shower of attacks on possible vaccine creators is the one on the European Medicines Agency (EMA). EMA is the EU regulatory body responsible for approving COVID-19 vaccines.

EMA recently notified stakeholders of the breach via a post on its website but has refrained from disclosing further details while its investigation continues. EMA was in the middle of reviewing COVID 19 vaccine applications from US pharma – Moderna and the one sent by BioNTech and Pfizer. In line with the breach, BioNTech put up on its website that the adversaries had accessed some documents related to their (BioNTech and Pfizer) COVID-19 vaccine candidate, BNT162b2, that were stored on the EMA server. BioNTech’s post cleared the air and confirmed that the attack wasn’t financially motivated and targeted the COVID-19 research.

Pharma companies engaged in COVID-19 research need to strengthen their email protection and cybersecurity measures lest they become victims of another attack by a nation-sponsored hacking group.

And that’s the week that was.
