Security News > 2022 > August

Cisco on Wednesday rolled out patches to address eight security vulnerabilities, three of which could be weaponized by an unauthenticated attacker to gain remote code execution or cause a denial-of-service condition on affected devices. The most critical of the flaws impact Cisco Small Business RV160, RV260, RV340, and RV345 Series routers.

A new, large-scale phishing campaign has been observed using adversary-in-the-middle techniques to get around security protections and compromise enterprise email accounts. Opening the attachment via a web browser redirects the email recipient to the phishing page that masquerades as a login page for Microsoft Office, but not before fingerprinting the compromised machine to determine whether the victim is actually the intended target.

Other legitimate apps most impersonated by icon include 7-Zip, TeamViewer, CCleaner, Microsoft Edge, Steam, Zoom, and WhatsApp, an analysis from VirusTotal has revealed. "One of the simplest social engineering tricks we've seen involves making a malware sample seem a legitimate program," VirusTotal said in a Tuesday report.

As practically every organization shifts from managing their data in network-based data centers to storing it in the cloud, cloud data security policies are created to secure this data in a cloud environment. Development teams leverage the benefits of data in the cloud to generate a growing amount of cloud data stores and tools, to keep up with innovation.

The onslaught of ransomware attacks has catapulted cybersecurity to the forefront of global business operations. Just 36% of mid-sized organizations still don't have a formal incident response plan in place, according to research from Egnyte.

According to new research published by Menlo Security, a third of organizations experience a ransomware attack at least once a week, with one in 10 experiencing them more than once a day. According to the report, around half of organizations have been the victim of a successful ransomware attack in the last 18 months, with customers and prospects the most likely entry point for an attack.

From what we can tell, and details are still light, somewhere between $4.5 million and $8 million in coins - including stablecoins USDC and USDT, and Solana's SOL - were taken from roughly 8,000 Slope and Phantom mobile app wallets. Phantom also makes a Solana-focused mobile wallet for Android and iOS. Coins were drained from some of its users' mobile wallets, though the majority of stolen funds were pulled from Slope wallets.

The research found that 97% of the top ten universities across each country are not taking appropriate measures to proactively block attackers from spoofing their email domains, increasing the risk of email fraud. None of the top U.S. and U.K. universities had a Reject policy in place, which actively blocks fraudulent emails from reaching their intended targets, meaning all are leaving students open to email fraud.

Unknown attackers target Russian entities with newly discovered malware that allows them to control and steal information from compromised devices remotely. According to Malwarebytes, one of the Russian organizations that were attacked using this malware is a government-controlled defense corporation.

A fake website impersonating the official portal for the Atomic wallet, a popular decentralized wallet that also operates as a cryptocurrency exchange portal, is in reality distributing copies of the Mars Stealer information-stealing malware. The phony website was disclosed by a malware researcher known as Dee on Monday, but at the time of writing it remains online, serving copies of the malware.