Security News > 2023 > June

A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems. Process injection is an attack method that allows adversaries to inject code into processes in order to evade process-based defenses and elevate privileges.

Europol announced today that the takedown of the EncroChat encrypted mobile communications platform has led to the arrest of over 6,600 people and the seizure of $979 million in illicit funds. EncroChat phones ran a special, hardened version of Android that promised users unbreakable encryption, anonymity, and no traceability.

Microsoft is investigating an ongoing issue preventing some customers from accessing their Exchange Online mailbox through Outlook on the web. While Microsoft says this outage only impacts the North American region, user reports show that the issue might also affect users in South America.

Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution chain to deliver an unknown payload to targeted systems. "The packages in question seem to be published in pairs, each pair working in unison to fetch additional resources which are subsequently decoded and/or executed," software supply chain security firm Phylum said in a report released last week.

Organizers at mWISE, the highly anticipated cybersecurity conference from Mandiant, have released this year's session tracks. It runs from September 18 - 20, 2023 in Washington, DC. Security engineering: This track focuses on building/maintaining security posture by incorporating security controls into systems to prevent misuse and malicious behavior and maintain policies.

A new process injection technique named 'Mockingjay' could allow threat actors to bypass EDR and other security products to stealthily execute malicious code on compromised systems. Process injection is a method of executing arbitrary code in the address space of another running process that is trusted by the operating system, hence giving threat actors the ability to run malicious code without being detected.

Given attack surface sprawl and evolving threats, many organizations are embracing attack surface management tools to discover and address critical exposures. Asset discovery is an important capability to have, and one that's helping to drive the adoption of attack surface management tools and services.

Worldwide, 6558 arrests follow the dismantling of EncroChat, a tool favored by organized crime groups. Nearly EUR 900 million in criminal funds have been seized or frozen.

Europol on Tuesday announced that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the seizure of €900 million in illicit criminal proceeds. The law enforcement agency said that a subsequent joint investigation initiated by French and Dutch authorities intercepted and analyzed over 115 million conversations that took place over the encrypted messaging platform between no fewer than 60,000 users.

A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023. "The actors behind Anatsa aim to steal credentials used to authorize customers in mobile banking applications and perform Device-Takeover Fraud to initiate fraudulent transactions," ThreatFabric said in an analysis published Monday.