Each week Zacco tracks the latest cyber security threats, current industry news or trends and insights into the latest protection best practice. The Cyber Security Digest is a weekly compilation of the most significant developments within both cybersecurity and digital protection space, with links to further information on how it might affect you, your company or your clients.
Essential reading for cyber security professionals, as well as the general public, to keep you informed of current events and emerging threats.
The ransomware gang Lapsus$ has stolen a huge trove of data from Samsung Electronics, they have led around 190 GB of data as proof of the hack. The stolen data include Source code for every Trusted Applet (TA), Algorithms for all biometric unlock operations, Bootloader source code, confidential source code from Qualcomm and various other source codes.
An anonymous hacker group Network Battalion 65 with several other hacking groups attacked the Russian Nuclear Institute. The hacking group has confirmed that they have compromised and leaked more than 40, 000 confidential documents of the Nuclear Institute.
The US giant satellite operator “Orange” confirmed a cyber-attack on its subsidiary Nordnet in France. The company said that its service went offline and affected nearly 9000 of its subscribers.
Research from ThreatFabric has discovered an Android banking trojan that is being spread via the Google Play Store. Xenomorph has more than 50000 installations and have been targeting more than 56 European banks and stealing sensitive information from the devices.
Ukraine government officials said that their government websites and banks suffered massive DDOS attacks. Some of the systems are not operatable and some of the websites have minimised the damage by switching the traffic to another provider. Few of them were able to withstand the attack.
The malware has affected more than 5000 ma Sweden, Bulgaria, Russia, Bermuda, and Spain. This malware is spreading in the form of torjanized gaming apps. The Malware has been dubbed as “Electron Bot” by the cybersecurity company checkpoint.
According to a person familiar with the incident said that the breach was connected to an ongoing crisis in Ukraine. The attack has taken down the some of systems for two. It has affected its companies’ developer tools and email systems none of the business and commercial activities were affected.
A critical vulnerability was found in UpdraftPlus, a WordPress plugin with over three million installations. The vulnerability can be weaponised to download the sites private data using accounts on the vulnerable sites. This vulnerability was discovered by Marc-Alexandre Montpas of Automattic.
Google announced on Wednesday that it is bringing its Privacy Sandbox initiatives to Android. It focuses on protecting user data and reducing the number of information sites can track on users.
Microsoft Teams which has around 270 million active users is now being used as an attack vector by hackers. A security research team from Avanan observed that attackers are including malicious executables in the chat to spread malware.
Microsoft 365 research team has called out various avenues used by threat actors to steal private cryptographic keys to carry out unauthorised fund transfers from cryptocurrency users. Ice phishing allows the hacker to deceive the target into signing a transaction that delegates approval of the user’s token to the hacker.
Google releases security updates for February 2022, which address two critical flaws. One of the vulnerabilities resides in the Qualcomm component and the other one is a critical flaw that allows remote escalation privileges without any user interaction.
On Thursday iOS iPadOS and macOS have received security updates that fixed the WebKit flaw. A hacker if exploited the vulnerability can gain arbitrary code execution privileges. Apple has credited an anonymous researcher for discovering and reporting this flaw.
CISA has asked the federal agencies to fix the Win 32k privilege escalation flaw immediately. Threat actors are actively exploiting the vulnerability. With successful exploitation, the hacker can create new admin users, execute privilege commands, and can spread laterally through the network.
Microsoft released security patches for 51 vulnerabilities during February 2022. Out of these 51 vulnerabilities, 50 are classified as important and 1 as moderate. Out of these 51 vulnerabilities, 59% of the vulnerabilities are locally exploitable and 37% are remotely exploitable.
An apple iPhone vulnerability that is patched currently was found to be exploited by the Israeli company NSO Group and weaponized by a different surveillance vendor named QuaDream. FORCEDENTRY (CVE-2021-30860, CVSS score: 7.8) “one of the most technically sophisticated exploits,” said Google project Zero which studies Zero-Day exploits in hardware and software.
