Cleafy researchers disclosed a new Android trojan TeaBot, that allows “live streaming of the device screen (on demand) and also interacts with it via Accessibility Services”. The malware, first seen in attacks against Italian banks, is now hitting banks in Belgium & the Netherlands. TeaBot uses overlay attacks, interception of SMS messages, keylogging, and other exploits to steal victim’s credentials and SMS messages for enabling fraud scenarios against a predefined list of banks (more than 60 targeted banks were extracted).
ISBuzz Team
BACKGROUND: The NCSC has published its Active Cyber Defence – The Fourth Year report into the achievements and efforts of the Active Cyber Defence (ACD) programme. It underlines the focus on defending against ‘scale and commodity attacks’, not expecting to prevent every attack but to ‘make life harder for attackers, and raise their costs to a level that is difficult to sustain’. The theme of ACD efforts this year was helping to protect in the context of the pandemic. The report includes details of the NCSC’s Protective DNS (PDNS) service, delivered by Nominet, which exists to combat malicious activity for public sector users. PDNS prevents the…
BACKGROUND: CaptureRx is notifying healthcare providers’ clients that unauthorized access to certain files could have exposed patient details like medical records, name, date of birth, and prescription information. CaptureRx recently announced that it became aware of unusual activity involving certain of its electronic files. While, investigating the unusual activity, on February 19, 2021, they found that certain files were accessed and acquired on February 6, 2021 without authorization.
TechNadu is sharing images from a reported Babuk cyberattack on Japanese Power Tool Maker Yamabiko (who has not yet issued a statement on the attack). The threat actors claim to have stolen 0.5 TB of sensitive data and are already leaking out some of the documents. An expert from Blue Hexagon offers comments.
BACKGROUND: An attack on CaptureRX, which helps healthcare providers administer 340B programs (which let those serving vulnerable patient populations purchase outpatient drugs at discounted prices), has exposed patients’ names, date of birth, and prescription information. Cybersecurity experts offer perspective.
BACKGROUND: It has been reported that the UK’s cybersecurity agency has taken down more scams in the last year than in the previous three years combined, with coronavirus and NHS-themed cybercrime fuelling the increase. Experts oversaw a 15-fold rise in the removal of online campaigns compared with 2019, according to the National Cyber Security Centre (NCSC). There was a jump in the number of phishing attacks using NHS branding to dupe victims, with the Covid-19 vaccine rollout used as a lure via email and text message to harvest people’s personal information for fraud. Forty-three fake NHS Covid-19 apps hosted outside…
BACKGROUND: US fuel pipeline operator Colonial Pipeline has temporarily halted all pipeline operations after a cyberattack, the company said in a statement late on Friday. The company is a major US supplier of gasoline, diesel, jet fuel, and other refined products. It transports around 45% of fuel supplies around the US east coast. Colonial Pipeline said it learned of the attack on Friday, but provided no details of the type of hacking incident. In response, the firm took systems offline to contain the threat, it said in the statement. This temporarily halted operations and affected some of its IT systems,…
Peloton bug has permitted an unauthenticated user access to view sensitive information for all users and snoop on live class statistics and its attendees, despite having a private mode.
The National Cyber Security Centre warned that smart cities will be the next major target for cybercriminals. This comes after a year of booming cybercrime, with a nearly 600% rise in malicious attacks worldwide. How, then, can we protect against this rising threat?
Following the news that in an apparent industry first, the global insurance company AXA says it will stop writing cyber-insurance policies in France that reimburse customers for extortion payments made to cybercriminals, please see below for comments from cybersecurity experts.