Security News > 2022 > June

A 2022 report on privileged user threats by Ponemon Institutes suggests that privileged user attacks skyrocketed by 44% in 2020, with the cost per attack at $15.38 million. With the colossal damage privileged user attack leaves in their wake, averting security threats coming from malicious privileged users and the threats they may pose to your organization has become more crucial than ever.

Services for the U.K.-based Yodel delivery service company have been disrupted due to a cyberattack that caused delays in parcel distribution and tracking orders online. Cybersecurity researcher Kevin Beaumont today said that there are rumors about Yodel being hit by a ransomware attack, a plausible theory considering that these threat actors typically avoid to encrypt victim computers on weekdays, when the process is more likely to be discovered.

The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The switch in modus operandi, spotted by Romanian company Bitdefender, comes in the wake of Raccoon Stealer temporarily closing the project after one of its team members responsible for critical operations passed away in the Russo-Ukrainian war in March 2022.

7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files. When you attempt to open a downloaded file, Windows will check if a MoTW exists and, if so, display additional warnings to the user, asking if they are sure they wish to run the file.

A US bank has said at least the names and social security numbers of more than 1.5 million of its customers were stolen from its computers in December. In a statement to the office of Maine's Attorney General this month, Flagstar Bank said it was compromised between December and April 2021.

The Ukrainian Computer Emergency Response Team is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. The RTF document used in the APT28 campaign attempts to exploit CVE-2022-30190, aka "Follina," to download and launch the CredoMap malware on a target's device.

Security researchers found that Adobe Acrobat is trying to block security software from having visibility into the PDF files it opens, creating a security risk for the users. "Since March of 2022 we've seen a gradual uptick in Adobe Acrobat Reader processes attempting to query which security product DLLs are loaded into it by acquiring a handle of the DLL" - Minerva Labs.

Capital One Financial Corporation announced [] that on July 19, 2019, it determined there was unauthorized access by an outside individual who obtained certain types of personal information relating to people who had applied for its credit card products and to Capital One credit card customers. As you will notice from the OCC's remarks above, the breach ultimately came down to poor cloud security, with data apparently exposed due to being shifted from a privately-controlled data store into the cloud.

Members of a phishing gang behind millions of euros in losses were arrested today following a law enforcement operation coordinated by the Europol. "A cross-border operation, supported by Europol and involving the Belgian Police and the Dutch Police, resulted in the dismantling of an organised crime group involved in phishing, fraud, scams and money laundering," the Europol announced on Tuesday.

As general and military strategist Sun Tzu once wrote, "Attack is the secret of defence; defence is the planning of attack". Learn more by dropping into our upcoming webinar Don't react, prevent on June 29th at 5pm. You might find that perhaps your organization should spend less time waiting for hackers to strike then cleaning up the mess afterwards, and more time on stopping attacks by identifying, simulating and managing the threats which are almost certainly heading their way.