
US seizes domains used by APT29 in recent USAID phishing attacks
2021-06-01 20:56

The US Department of Justice has seized two Internet domains used in recent phishing attacks impersonating the U.S. Agency for International Development to distribute malware and gain access to internal networks. The two domains were used to receive data exfiltrated from victims of the targeted phishing attacks and to send further commands for the malware to execute on infected machines.

Report: Accellion Failed to Notify Customers of FTA Zero-Day
2021-06-01 20:03

Accellion failed to notify customers of a zero-day vulnerability in its file transfer application and related cyber-attacks targeting the security flaw, according to a new report from professional services firm KPMG. FTA is a large file transfer service that was retired at the end of April 2021, after being in use for roughly 20 years. At the time of attack, FTA still had roughly 50 customers, and some already confirmed impact from the incident, including The Reserve Bank of New Zealand, the U.S.-based law firm Jones Day, the Office of the Washington State Auditor, and security and compliance solutions provider Qualys.

Kaspersky: Exploits for MS Office Flaws Most Popular in Q1 2021
2021-06-01 19:52

Exploits for vulnerabilities in Microsoft's Office suite were the most popular among cyber-attackers during the first quarter of this year, according to a new Kaspersky report. Microsoft Office exploits accounted for more than half of the observed exploits, with CVE-2017-11882 remaining the most commonly targeted vulnerability.

US: Russian threat actors likely behind JBS ransomware attack
2021-06-01 19:33

The White House has confirmed today that JBS, the world's largest beef producer, was hit by a ransomware attack over the weekend coordinated by a group likely from Russia. JBS only hinted that a ransomware group caused the incident on Monday, stating that "The company's backup servers were not affected, and it is actively working with an Incident Response firm to restore its systems as soon as possible."

Meat Producer Ransomware Attack Disrupts Global Production
2021-06-01 19:14

A ransomware attack on the world's largest meat company is disrupting production around the world just weeks after a similar incident shut down a U.S. oil pipeline. JBS has not stated publicly that the attack was ransomware.

Microsoft adds Automatic HTTPS in Edge for secure browsing
2021-06-01 18:51

Microsoft Edge now can automatically switch users to a secure HTTPS connection when visiting websites over HTTP after enabling Automatic HTTPS. This new feature is in preview in the Canary and Developer preview channels and is rolling out to select users of Microsoft Edge 92. "Automatic HTTPS switches your connections to websites from HTTP to HTTPS on sites that are highly likely to support the more secure protocol," Microsoft said today.

Cryptomining malware up, financial malware down in Q1 2021, Kaspersky finds
2021-06-01 18:06

The first report, detailing desktop attacks, found that cryptomining malware has exploded in popularity, while the second report, covering mobile devices, revealed that a popular Trojan targeting gamers has made the leap from PC to Android. Between February and March 2021, during which time the price of a single bitcoin increased by more than $10,000, the number of modified cryptomining malware samples found by Kaspersky experienced a similar jump, with a fourfold increase over the same period.

Where Bug Bounty Programs Fall Flat
2021-06-01 18:00

Eavesdropping on the chatter of 600+ cybercriminal forums shows that cybercriminals have specific preferences, shown by the flavors of exploits they requisition, and that the bug bounty programs either are too slow, don't pay enough or are just the start of profit-making. A year-long study into the underground market for exploits in cybercriminal forums demonstrates that crooks are salivating for Microsoft bugs, which are far and away the most requested and most sold exploits, but that exploits can be valuable for years past their zero days, meaning that patching is still high-priority for high-priority vulnerabilities.

There's a lesson here for us all: A third of healthcare orgs in Sophos survey 'hit with ransomware in 2020'
2021-06-01 18:00

The thought of ransomware gripping the corporate systems we manage is enough to give any of us sleepless nights. The thought of a ransomware attack crippling the healthcare infrastructure all of us rely on is terrifying.

Critical WordPress plugin zero-day under active exploitation
2021-06-01 17:25

Threat actors are scanning for sites running the Fancy Product Designer plugin to exploit a zero-day bug allowing them to upload malware. Fancy Product Designer is a visual product configurator plugin for WordPress, WooCommerce, and Shopify, and it allows customers to customize products using their own graphics and content.