<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 5/4/2020

SHARE

Hacking

TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy

Threat actors are using people's interest in the Department of Labor's Family and Medical Leave Act (FMLA) to spread what appears to be the TrickBot trojan in a new spam campaign that security researchers discovered recently. Recent analysis from spam honeypots set by IBM X-Force discovered actors targeting email recipients with fake messages that claim to be from the department to inform people of changes to the FMLA, which gives employees the right to family-leave medical benefits. READ MORE...


Fake Microsoft Teams notification emails are hitting inboxes

Phishers are using fake Microsoft Teams notification emails to trick users into sharing their Microsoft Teams and Office 365 login credentials. "Should the recipient fall victim to this attack, this user's credentials would be compromised. Additionally, since Microsoft Teams is linked to Microsoft Office 365, the attacker may have access to other information available with the user's Microsoft credentials via single-sign on," Abnormal Security warns. READ MORE...

Malware

Sodinokibi, Ryuk ransomware drive up average ransom to $111,000

The first quarter of the year recorded an increase in the average amount ransomware operators demand from their victims. Compared to the previous quarter, a 33% swell was noted, driven by the Sodinokibi and Ryuk ransomware operators. Behind this are successful attacks against large enterprises that can afford to pay top dollar to get their data back. READ MORE...


Creator of notorious 'Love Bug' virus comes clean after 20 years

The man who created the first major global computer virus has finally admitted he was behind it, 20-years after it was unleashed. Onel de Guzman said he authored the Love Bug computer worm to steal passwords as a way to freely access the internet, according to a forthcoming book on cyber crime. But the malicious code spread around the globe and caused billions of dollars in damage. READ MORE...


New 'EventBot' Android Malware Targets Nearly 300 Financial Apps

A newly discovered piece of Android malware is targeting the users of close to 300 financial applications across the United States and Europe, Cybereason Nocturnus security researchers warn. Dubbed EventBot, the threat appears to be newly developed, as its code differs significantly from that of other Android malware out there. Furthermore, the researchers believe this banking Trojan and infostealer is under active development and rapidly evolving. READ MORE...


Upgraded Cerberus Spyware Spreads Rapidly via MDM

No longer a simple Android banker, Cerberus is now a full-fledged RAT that can take complete control of devices and automatically spread via mobile device management servers. A newly discovered variant of the Cerberus Android trojan has been spotted, with vastly expanded and more sophisticated info-harvesting capabilities, and the ability to run TeamViewer. READ MORE...

Exploits/Vulnerabilities

Recent Salt Vulnerabilities Exploited to Hack LineageOS, Ghost, DigiCert Servers

Over the past several days, hackers have exploited two recently disclosed Salt vulnerabilities to compromise the servers of LineageOS, Ghost and DigiCert. Managed by SaltStack, Salt is an open-source configuration tool to monitor and update the state of servers in both datacenters and cloud environments. Called minions, agents installed on servers connect to a master to deliver state reports (to a "request server") and receive updates (from a "publish server"). READ MORE...


Oracle Says Hackers Targeting Recently Patched Vulnerabilities

Oracle warned customers on Thursday that threat actors have been spotted attempting to exploit multiple recently patched vulnerabilities, including a critical WebLogic Server flaw tracked as CVE-2020-2883. Eric Maurice, director of security assurance at Oracle, said the company had received "reports of attempts to maliciously exploit a number of recently-patched vulnerabilities." He only mentioned CVE-2020-2883, but advised customers to install the latest patches as soon as possible. READ MORE...

On This Date

  • ...in 1865, President Lincoln is buried in Springfield, Illinois.
  • ...in 1953, writer Ernest Hemingway wins the Pulitzer Prize for his short novel, "The Old Man and the Sea".
  • ...in 1970, four Kent State students protesting the Vietnam War are shot and killed by Ohio National Guard troops.
  • ...in 1979, Margaret Thatcher is elected as the first female Prime Minister of the United Kingdom.