Security News > 2020 > September

SEE: Pro tips: Ubuntu 20.04.What you'll needAn instance of Ubuntu Server 20.04.A user with sudo privileges. Sudo apt-get update sudo apt-get upgrade -y How to install Java.

A newly uncovered banking trojan called Alien is invading Android devices worldwide, using an advanced ability to bypass two-factor authentication security measures to steal victim credentials. Researchers believe Alien is a "Fork" of the infamous Cerberus banking malware, which has undergone a steady demise in use over the past year.

read more

A Nigerian hacker was sentenced to 36 months in prison in the United States for participating in a scheme that targeted government employees. According to court documents and statements, Ogunremi and co-conspirators perpetrated their scheme from at least July 2013 through December 2013, targeting "U.S. government agencies' email systems and General Services Administration vendors," the U.S. Department of Justice reveals.

The COVID-19 pandemic has apparently resulted in industrial systems being increasingly targeted by malicious actors through brute-force attacks on the Remote Desktop Protocol, Kaspersky reported on Thursday. Kaspersky's report on the industrial threat landscape for the first half of 2020 reveals that the number of attacks aimed at RDP on industrial computers increased steadily between February and May. The cybersecurity firm has seen brute-force attacks against RDP passwords on 0.16% of the industrial control systems it protected in February and 0.33% in May. The percentage dropped slightly in June, but still remained at an above average level.

A hacking group whose members are Russian speakers is targeting organizations in Russia and post-Soviet countries with ransomware, Group-IB's security researchers have discovered. The adversary employs phishing as means to compromise enterprise networks, and has been observed impersonating the self-regulatory organization Mikrofinansirovaniye i Razvitiye; the Minsk Tractor Works plant in Belarus; a Russian metallurgical holding company; the Russian media group RBC; and a dental clinic, Group-IB explains.

Texts were received by unsuspecting members of the public between 29 February and 30 April, said the UK Information Commissioner's Office. The texts promoted Zoono-branded hand cleaning products that purported to be "Effective against coronavirus," said the ICO. Reg readers will remember that silly members of the public bulk-bought certain products, including toilet paper and hand sanitisers as the spread of the potentially deadly virus made its way across Europe.

Microsoft says it has observed threat actors actively targeting the Zerologon vulnerability affecting Windows Server. Last week, the United States Department of Homeland Security issued an Emergency Directive requiring all federal agencies to apply the available patches for the Zerologon vulnerability within days.

Tyler Technologies, a major Texas-based provider of software and services for the U.S. government, started informing customers on Wednesday of a security incident that is believed to have involved a piece of ransomware. In the meantime, Bleeping Computer reported that the company was targeted with a piece of ransomware named RansomExx.

Banks and federal government agencies are holding up the best against cyberattacks while retail and manufacturing are faltering, according to a new report from Synack. The 2020 Trust Report from the penetration testing company found that government and financial services scored 15% and 11% higher than all other industries in 2020.