U.S. Finance Sector Hit with Targeted Backdoor Campaign
The financial services sector in the U.S. found itself under a barrage of cyberattacks last month, all bent on delivering a powerful backdoor called Minebridge. The attack chain employed a known method called "VBS Stomping" to avoid detection. According to researchers at FireEye, the campaigns, aimed at enabling further malware infections and espionage efforts, were initiated via phishing emails with attached documents containing malicious macros. READ MORE...
Japanese Defense Contractors Pasco, Kobe Steel Disclose Old Breaches
Japanese defense contractors Pasco and Kobe Steel this week disclosed cyber intrusions they suffered back in 2016 and 2018. Pasco is Japan's largest geospatial service provider and Kobe Steel is a major steel manufacturer. The two companies disclosed the breaches after Japan's Ministry of Defense announced last week that two unnamed contractors, in addition to Mitsubishi Electric and NEC, had been targeted in cyberattacks. READ MORE...
Magecart Gang Attacks Olympic Ticket Reseller and Survival Food Sites
A faction of the Magecart threat group, Magecart group 12, has been linked to a recent digital card skimmer attack bent on stealing payment data from a slew of websites, including ones selling anything from Olympic tickets to emergency preparation kits. Over the past few weeks, the group has targeted two ticket sales websites - Olympic Tickets and Euro 2020 Tickets, which sell tickets for the 2020 Olympics and the 2020 UEFA European football championship respectively. READ MORE...
Phishing Attack Disables Google Play Protect, Drops Anubis Trojan
Android users are targeted in a phishing campaign that will infect their devices with the Anubis banking Trojan that can steal financial information from more than 250 banking and shopping applications. The campaign uses a devious method to get the potential victims to install the malware on their devices: it asks them to enable Google Play Protect while actually disabling it after being granted permissions on the device. READ MORE...
Google Play apps with 470k installs can log in to your Facebook and Google accounts
Researchers on Thursday documented two new malware campaigns targeting Android users. The first involved nine apps that had been downloaded from Google Play more than 470,000 times. The first involved nine apps that had been downloaded from Google Play more than 470,000 times. A second, unrelated campaign used cleverly crafted phishing emails to trick users into installing one of the nastiest pieces of malware targeting the Android OS (more about that later). READ MORE...
Android users at risk from Bluetooth hijack attack
Google has issued a security bulletin regarding vulnerabilities in the Android operating system that could put users' devices at risk. One of the vulnerabilities, given a severity rating of "Critical" by Google, relates to a flaw that could allow an attacker, within range of a device's Bluetooth signal, to run malicious code without requiring any interaction from the user. READ MORE...
Wacom driver caught monitoring third-party software use
An engineer has detailed how graphics tablet company Wacom's privacy policy allows it to collect data unconnected to its products, such as which applications users open on their computers. In a blog, software developer Robert Heaton said he was first alerted to the behaviour when he read the company's Experience Program Privacy Policy while installing some Wacom drivers on his computer. READ MORE...
