Researchers at Intezer have reported a new hijacking campaign that targets Microsoft Exchange with the IcedID modular banking trojan. Researchers with Intezer described the new campaign, which begins with a phishing email, as a further evolution of the threat actors’ technique. The researchers have seen this technique used to target organizations within the energy, healthcare, law and pharmaceutical sectors. In response to these findings, an expert with Blue Hexagon has offered perspectives.
Author: ISBuzz Team
Google Chrome Zero-Day Attack: Google Chrome experienced a zero-day attack (a zero-day attack is when a threat actor exploits a vulnerability before software developers are aware and can find a fix). The attack was reported to Google by an anonymous security researcher, and Google acknowledges that it is actively exploited in the wild. Google released its updated version of Chrome, 99.0.4844.84, which is rolling out worldwide. Nuspire recommendations: Users and organizations should update their instances of Google Chrome as soon as possible to 99.0.4844.84 for Windows, Mac and Linux to mitigate against CVE-2022-1096. Individual users can check their version and…
Online fraud now accounts for 40% of all crime in the UK as recorded by the Crime Survey of England and Wales, with online fraud and cyber crimes responsible for nearly £2bn in losses in 2021. According to the latest ONS report, investment fraud victims lost the most money last year, with investment fraud showing a 42% year-on-year growth in reported cases. With people aged 18-24 making up 25% of online investment scam victims, reports have stated that young people are being lured by fake ads and accounts on social media platforms such as Facebook, Instagram, and Twitter, as fraudsters…
The White House released its budget today for the fiscal year 2023, which includes up to $5.8 trillion to bolster cybersecurity defences for federal departments. The Biden administration said it “reprioritized cybersecurity by strengthening resilience at home and accelerating cooperation with allies and the private sector.” This move, the administration says, will further strengthen military resources and further enhance cyber resiliency. Additionally, money dedicated to cybersecurity will aid in protecting against attacks launched by threat actors. Further, the White House is asking for funding for the civilian sector of nearly $10.9 billion. The money would be used to provide resources…
According to the latest data from international law firm RPC, ransomware attacks have more than doubled in the past year, driven by their increasing profitability for scammers. The number of attacks reported to the Information Commissioner’s Office has increased 100 per cent from 326 in 2020 to 654 in 2021. The findings revealed that finance, insurance, credit, and education and childcare were the hardest-hit sectors. The sectors that are privy to sensitive financial data are often at the highest risk of being targeted by gangs. https://www.cityam.com/uk-ransomware-attacks-double-in-past-year/
It has been reported that researchers have disclosed a ‘replay attack’ vulnerability affecting select Honda and Acura car models that allows a nearby hacker to unlock your car and even start its engine from a short distance. The attack consists of a threat actor capturing the RF signals sent from your key fob to the car and resending these signals to take control of your car’s remote keyless entry system. The vulnerability, according to researchers, remains largely unfixed in older models. But Honda owners may be able to take some action to protect themselves against this attack. The vulnerability, tracked as CVE-2022-27254, is a Man-in-the-Middle (MitM) attack…
CISA, FBI and the DOE released a joint Cybersecurity Advisory (CSA) detailing state-sponsored Russian cyber actors from 2011 to 2018 that targeted U.S. and international Energy Sector organizations. The CSA highlights historical tactics, techniques, and procedures as well as mitigations Energy Sector organizations can take to protect their networks. They recommend a set of ICS Best Practices, as well as a list of 10 mitigations with specific actions intended to harden corporate enterprise networks: Privileged Account Management: Manage the creation of, modification of, use of—and permissions associated with—privileged accounts, including SYSTEM and root. Password Policies: Set and enforce secure password policies…
A set of flaws affecting the world’s leading messaging and email platforms, including Instagram, iMessage, WhatsApp, Signal, and Facebook Messenger, has allowed threat actors to create legitimate-looking phishing URLs for the past three years.
According to an FBI memo obtained by CBS News and CNN Tuesday, hackers “believed to be associated with cyber actors who previously conducted destructive cyber activity against foreign critical infrastructure” have been scanning the networks of five US energy companies in a possible prelude to hacking attempts. The memo stated, “This scanning activity has increased since the start of the Russia/Ukraine conflict, leading to a greater possibility of future intrusions.” CBS News reported today that the FBI has identified 140 overlapping IP addresses linked to “abnormal scanning” activity of at least five U.S. energy companies, as well as at least 18…
The British Army and senior government ministers have outright banned WhatsApp use over fears that Russia is hacking the messaging platform to acquire sensitive information. Secure alternatives are needed, fast. Please find expert comment below from Matthew Hodgson, CEO at Element, a secure, decentralised messaging app, favoured by governments and secret services worldwide. The app is rapidly gaining traction, with millions of new downloads since the Russian invasion of Ukraine.