Each week Zacco tracks the latest cyber security threats, current industry news or trends and insights into the latest protection best practice. The Cyber Security Digest is a weekly compilation of the most significant developments within both cybersecurity and digital protection space, with links to further information on how it might affect you, your company or your clients.
Essential reading for cyber security professionals, as well as the general public, to keep you informed of current events and emerging threats.
The biggest oil terminals of western European ports have been hit by cyber-attack. Threat actors have hit some of the major ports such as Antwerp and Rotterdam. “At this stage, the investigation is ongoing and at a sensitive stage,” said Europol spokesperson Claire Georges.
The critical vulnerability was discovered by a cybersecurity analyst at Zero-Day Initiative (ZDI) and it has been tracked as CVE-2021-37852. The vulnerability lets attackers exploit the AMSI scanning function. ESET has released a patch to fix this local privilege escalation vulnerability.
The US Department of Justice said in their press release that multiple criminal Indian based call centres have misled American citizens and the elderly by utilizing scams such as Social Security, IRS impersonation as well as loan fraud. It has been reported that more than 20 million dollars were lost due to these scams.
Bitdefender mobile researchers intercepted over 100,000 smishing attempts. They were aimed at spreading the malware FluBot. TeaBot malware disguised as a QR scanner has been found in the Google Play Store. The application has over 100,000 downloads and has delivered over 17 different variants of the malware between 6th December 2021 and 17th January 2022.
The US Federal Communications Commission has revoked the license of China Unicom Americas. The FCC ordered the company to cease providing service in the US within 60 days. It was a decision based on serious national security concerns.
Lazarus Group, a group of North Korean hackers, is using Windows Update to execute its malicious payload. The hackers use a decoy word file to execute malicious macros embedded within the document when opened.
Researchers from RyeLv have publicly released an exploit for a Windows local privilege elevation vulnerability. An attacker could gain elevated privileges by exploiting the Win32k vulnerability
Internet testing led to the discovery of multiple vulnerabilities on CISCO Redundancy Configure Manager for CISCO StarOS. The vulnerability could let an attacker execute arbitrary commands or disclose sensitive data with root privileges.
Cybercriminals use Telegram as a medium to sell financial details because it has a wider reach, has around 500 million users, easy to create channels, provides end to end encryption and only blocks extremist content. A report published by cybersecurity experts at Cybersixgill shows that there is a drop in sales when compared to 2020 and 2021but they say it’s not the end and it remains a stable issue.
Natalie Silvanovich of Google Project Zero was the one who discovered the two Zero-day vulnerabilities. A key trait of this vulnerability is that it does not leave any traces of malicious activity. Yet another thing to note is that this vulnerability takes control of the device without users clicking on any link. Zoom has issued an update for the two Zero-days.
European law enforcement agency Europol shut down VPN provider VPNLab.net. VPNLab was mainly used by malicious actors for deploying ransomware and to conduct other cybercrimes across Germany, Netherlands, Canada, Chez Republic, France, Hungary, Latvia, Ukraine, US, and the UK. The officials said that they have taken down 15 of its servers
The Electronic Frontier Foundation said that Google has rolled out a new feature for its smartphones, which allows users to disable 2G. This will increase the security of the device as 2G uses weak encryption which can be bypassed by hackers to preclude calls and text.
Ukrainian’s Ministry of Foreign Affairs spokesperson Oleg Nikolenko tweeted that “As a result of a massive cyber-attack, the websites of the Ministry of Foreign Affairs and several other government agencies are temporarily down”. Fewer than 70 websites of Ukrainian government websites went down after a massive cyber-attack. The security service said that there is a possible involvement of Russian hacking groups.
FSB Russia’s Federal Security Service conducted a special surprise takedown which led to the arrest of several members of the most famous Ransomware Gang REvil. The mission was conducted at the request of US authorities. The raid was conducted in 25 locations that belonged to 14 suspected members of the organization.
Microsoft released patches for 102 vulnerabilities during the month of January 2022. Out of these 102 vulnerabilities, 9 are classified as critical and 92 as important and one as moderate. It is found that locally exploitable vulnerability is more than the remotely exploitable ones.
Security researchers from Palo Alto networks, unit 42 has reported a new kind of supply chain attack. Which uses malicious java code in the video. This campaign has affected more than 100 real estate websites. The experts have not disclosed the name of the company, and it said that Unit 42 has helped the company to remove the malware.
