According to Microsoft, a persistent malware campaign has been actively distributing an evolved browser modifier malware at scale since at least May 2020. At its peak in August, the threat was observed on over 30,000 devices every day. The malware is designed to inject ads into search engine results pages. The threat affects multiple browsers—Microsoft Edge, Google Chrome, Yandex Browser, and Mozilla Firefox—exposing the attackers’ intent to reach as many Internet users as possible. Microsoft Report: https://www.microsoft.com/security/blog/2020/12/10/widespread-malware-campaign-seeks-to-silently-inject-ads-into-search-results-affects-multiple-browsers/; More information: https://arstechnica.com/information-technology/2020/12/ongoing-malware-attacks-are-hitting-users-of-4-major-browsers/
ISBuzz Team
A critical CSRF vulnerability found on the Glassdoor company review platform impacted both job seekers and employers on the web domain. The vulnerability could be exploited to take over accounts.
Security vulnerabilities in mass-produced Point-of-Sale terminals have potentially allowed cybercriminals to steal credit card details en masse, leaving the average consumer out of pocket.
Following media reports that the US has issued an emergency order after revealing that its treasury and commerce departments had been hacked, please see the response below from cybersecurity expert
It’s been reported that Subway customers in the UK are receiving scam emails as part of a phishing attack. The emails also use the victims’ names and appear to come from the chain’s Subcard loyalty scheme.
The massively popular streaming service Spotify issued a data breach notice stating data exposed “may have included email address, your preferred display name, password, gender, and date of birth only to certain business partners of Spotify.”
SolarWinds supply chain attack, in which hackers (believed to be working for Russia) have tampered with software updates released by the company. Known victims of the attack so far include the US treasury, the US NTIA and FireEye itself.
It has been reported that U.S. drugmaker Pfizer and its German partner BioNTech said yesterday that documents related to development of their COVID-19 vaccine had been “unlawfully accessed” in a cyberattack on Europe’s medicines regulator. The European Medicines Agency (EMA), which assesses medicines and vaccines for the European Union, said hours earlier it had been targeted in a cyberattack.
Initially designed to compensate for the heterogeneity and volume of external threat intelligence sources, cyber threat intelligence management platforms first focused on normalising data from external threat feeds and automating the use of that data in Security Operations Centres (SOCs), and particularly in SIEMs. Over time, this initial and very operational use case continued to develop, and intelligence management platforms now play a much more global and cross-functional role. There are several reasons for this, but a primary driver has been higher awareness that a company’s greatest sources of threat intelligence are internal, and correspond to the data generated by the various services used…
Following the news that the European Medicines Agency has been the target of a cyber attack, and some documents related to the Pfizer vaccine had been unlawfully accessed, Chief Security Scientist commented below.