Security News > 2022 > July
The investigation relies on information mainly gathered by the US central bank regarding an internal probe of 13 persons of interest known as the P-network. Those individuals were allegedly part of a network engaged in a "Sustained malign influence and information theft campaign" targeting the Federal Reserve.
As many as 207 websites have been infected with malicious code designed to launch a cryptocurrency miner by leveraging WebAssembly on the browser. Js code makes use of WebAssembly to run low-level binary code directly on the browser.
Traditional security approaches that rely on reactive, detect-and-respond measures and tedious manual processes can't keep pace with the volume, variety, and velocity of current threats, according to Skybox Security. As a result, 27% of all executives and 40% of CSOs say their organizations are not well prepared for today's rapidly shifting threat landscape.
Threat actors are increasingly abusing Internet Information Services extensions to backdoor servers as a means of establishing a "Durable persistence mechanism." Attack chains taking this approach commence with weaponizing a critical vulnerability in the hosted application for initial access, using this foothold to drop a script web shell as the first stage payload. This web shell then becomes the conduit for installing a rogue IIS module to provide highly covert and persistent access to the server, in addition to monitoring incoming and outgoing requests as well as running remote commands.
An information-stealing malware called Amadey is being distributed by means of another backdoor called SmokeLoader. The attacks hinge on tricking users into downloading SmokeLoader that masquerades as software cracks, paving the way for the deployment of Amadey, researchers from the AhnLab Security Emergency Response Center said in a report published last week.
IBM Security released the 2022 Cost of a Data Breach Report, revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for studied organizations. Almost 80% of critical infrastructure organizations studied don't adopt zero trust strategies, seeing average breach costs rise to $5.4 million - a $1.17 million increase compared to those that do.
IBM has started offering quantum-resistant crypto - using the quantum-resistant crypto recommended by the US National Institute of Standards and Technology. China is felt to be stealing data today, safe in the knowledge its future quantum computers will be able to decrypt it in the near future.
Security vendor WithSecure, which was spun out in March 2022 as F-Secure's enterprise security arm, claims it's found malware that targets Facebook Business accounts. "The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim's Facebook account and ultimately hijack any Facebook Business account that the victim has sufficient access to."
In a building under construction at the Advanced Technologies Park in Be'er Sheva, the "Cyber capital" of Israel, a new governmental lab is also taking shape: the National Cyber-Kinetic Lab for ICS and OT. A joint venture between the Israel Ministry of Energy and the Israel National Cyber Directorate, it will serve as a sandbox for testing computing devices embedded in physical processes and simulating cyber-attacks on scaled-down models of real-life industrial and critical infrastructure control systems. "The lab should be up and running in a couple of months and we plan to open it to the world in the second part of 2023," Dadi Gertler, Executive Director of Technology Systems within the Cyber Technology Unit at the INCD, told Help Net Security at Cyber Week in Tel Aviv last month.
SaaS services are highly valuable targets as data is now being stored in the different apps and services. In this Help Net Security video, Yoav Kalati, Head of Threat Intelligence at Wing Security, illustrates how it's no surprise that SaaS security is failing.