
Sharp SIM-Swapping Spike Causes $68M in Losses
2022-02-10 22:13

The attacks, which lead to 2FA defeat and account takeover, have accelerated by several hundred percent in one year, leading to thousands of drained bank accounts. SIM-swapping - the practice of duping mobile carriers into switching a target's phone services to an attacker-controlled phone - is on the rise, the Feds are warning - leading to millions in losses for consumers who found their bank accounts drained and other accounts taken over.

This malware gang plants incriminating evidence on PCs, gets victims arrested
2022-02-10 22:06

"The objective of ModifiedElephant is long-term surveillance that at times concludes with the delivery of 'evidence' - files that incriminate the target in specific crimes - prior to conveniently coordinated arrests," said Tom Hegel, threat researcher at SentinelOne, in a blog post. ModifiedElephant prefers phishing with malicious Microsoft Office attachments to attack targets, and infect them with Windows malware.

For past decade, this malware drops incriminating evidence on victims' PCs
2022-02-10 22:06

For the past decade, unidentified miscreants have been planting incriminating evidence on the devices of human-rights advocates, lawyers, and academics in India to get them arrested. ModifiedElephant prefers phishing with malicious Microsoft Office attachments to attack targets, and infect them with Windows malware.

Microsoft: Support for Windows 10 20H2 ending in May 2022
2022-02-10 21:44

In a support document updated today, Microsoft stated that Windows 10 20H2 will reach EOS on May 10, 2022. "These editions will no longer receive security updates after May 10, 2022. Customers who contact Microsoft Support after this date will be directed to update their device to the latest version of Windows 10 to remain supported," Microsoft explained.

Microsoft starts killing off WMIC in Windows, will thwart attacks
2022-02-10 20:44

Exe in Windows Server in favor of Windows PowerShell, which also includes the ability to query Windows Management Instrumentation. "The WMIC tool is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This tool is superseded by Windows PowerShell for WMI," explains the list of deprecated Windows features.

Hacking group 'ModifiedElephant' evaded discovery for a decade
2022-02-10 20:02

Researchers at SentinelLabs, in a report today, detail the tactics of ModifiedElephant, explaining how recently published evidence helped them attribute previously "Orphan" attacks. ModifiedElephant has relied on spear-phishing emails with malicious attachments for over a decade now, but their techniques have evolved throughout that time.

Apple Releases iOS, iPadOS, macOS Updates to Patch Actively Exploited Zero-Day Flaw
2022-02-10 19:30

Apple on Thursday released security updates for iOS, iPadOS, macOS, and Safari to address a new WebKit flaw that it said may have been actively exploited in the wild, making it the company's third zero-day patch since the start of the year. Tracked as CVE-2022-22620, the issue concerns a use-after-free vulnerability in the WebKit component that powers the Safari web browser and could be exploited by a piece of specially crafted web content to gain arbitrary code execution.

Apple patches new zero-day exploited to hack iPhones, iPads, Macs
2022-02-10 19:11

Apple has released security updates to fix a new zero-day vulnerability exploited in the wild by attackers to hack iPhones, iPads, and Macs. Successful exploitation of this bug allows attackers to execute arbitrary code on iPhones and iPads running vulnerable versions of iOS and iPadOS after processing maliciously crafted web content.

SAP Patches Severe ‘ICMAD’ Bugs
2022-02-10 16:39

There's a trio of critical vulnerabilities, fixed on Tuesday, in SAP business applications that use the ubiquitous Internet Communication Manager: the component that gives SAP products the HTTPS web server they need to connect to the internet or talk to each other. The firm estimated that there were tens of thousands - approximately 40,000 - SAP customers running more than 10,000 potentially affected, internet-exposed SAP applications at the time of disclosure.

SAP to Give Threat Briefing on Uber-Severe ‘ICMAD’ Bugs
2022-02-10 16:39

Security researchers from Onapsis - the security firm that specializes in security for SAP, Oracle, Salesforce, and other software-as-a-service platforms and that discovered the bugs - joined SAP in coordinating the release of a Threat Report describing the critical vulnerabilities on Tuesday. As of Tuesday, Onapsis Research Labs had estimated that there were tens of thousands - approximately 40,000 - SAP customers running more than 10,000 potentially affected, internet-exposed SAP applications.