Sophisticated Phishing Kit Used by Multiple Groups to Target Executives
2020-05-01 09:20

A sophisticated phishing kit has been used by multiple cybercrime groups to target high-ranking employees in North America and other parts of the world, and researchers believe there are at least 150 victims. The emails and PDF documents used in the PerSwaysion campaign have been created with a phishing kit and an associated PDF generator that Group-IB believes was developed by someone in Vietnam.

Android trojan EventBot abuses accessibility services to clear out bank accounts – fortunately, it's 'in preview'
2020-05-01 09:00

Researchers have analysed a new strain of Android malware that does not yet exist in the wild. EventBot asks the user for permission to use accessibility services, a powerful feature because these services require extensive permissions in order to work, including the ability to act as a keylogger, for example, and to run in the background.

Growth of APIs for new services
2020-05-01 05:30

All the things we have come to expect from a modern Internet service now depend on open computing and APIs. More recently, API usage has seen even greater exponential growth driven by several factors - the first of which is the ubiquitous mobile device.

New Android Malware Steals Banking Passwords, Private Data and Keystrokes
2020-05-01 05:09

A new type of mobile banking malware has been discovered abusing Android's accessibility features to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes. Called "EventBot" by Cybereason researchers, the malware is capable of targeting over 200 different financial apps, including banking, money transfer services, and crypto-currency wallets such as PayPal Business, Revolut, Barclays, CapitalOne, HSBC, Santander, TransferWise, and Coinbase.

What's worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there's no patch?
2020-05-01 05:03

Netsweeper's internet filter has a nasty security vulnerability that can be exploited to hijack the host server and tamper with lists of blocked websites. Rathaus told The Register that, in the worst case scenario, a hacker could exploit the bug to not only take over the host server, but also manipulate how users have their content filtered and delivered by Netsweeper.

Mitigating cybersecurity risks for employees working remotely
2020-05-01 05:00

With an increased risk of employees falling prey to cyber attacks, business leaders must leverage new policies and technologies to keep their companies and employees safe. Having these safeguards in place can ensure employees will not need to replace or reinstall hardware, provide detection and automatic recovery of the firmware system in the case of BIOS corruption or compromise due to malware, and provide peace of mind.

New infosec products of the week: May 1, 2020
2020-05-01 04:30

The latest version of Guardicore Infection Monkey now maps its actions to the MITRE ATT&CK knowledge base, providing a new report with the utilized techniques and recommended mitigations, to help security and network infrastructure teams simulate APT attacks and mitigate real attack paths intelligently. Datadog Security Monitoring: Detect threats in real time, investigate security alerts.

Surge in phishing attacks using legitimate reCAPTCHA walls
2020-05-01 04:00

Cyber scammers are starting to use legitimate reCAPTCHA walls to disguise malicious content from email security systems, Barracuda Networks has observed. The reCAPTCHA walls prevent email security systems from blocking phishing attacks and make the phishing site more believable in the eyes of the user.

Criminals Quick to Exploit COVID-19 Crisis in Europe
2020-05-01 03:55

In a report Thursday looking at how the pandemic will shape organized crime in the EU, Europol said much of the criminality related to the deadly virus reflects the flexibility of criminal organizations, a trend that was already witnessed during previous financial crises. The impact became evident much more quickly, with a sharp increase in cybercrime in the first weeks of the virus's spread. "New and adapted attacks appeared almost immediately from the onset of the crisis and have been among the most visible types of criminality," Europol said.