Security News
Israeli spy agencies accused Iran on Monday of using fake social media accounts to lure citizens of the Jewish state abroad "to harm or abduct them". The Israeli claim came hours after Iran accused its arch-enemy of orchestrating an attack on a key nuclear site and vowed "revenge".
Attacks conducted by Iranian hackers against Israeli companies involved the deployment of ransomware and theft of information, threat intelligence company ClearSky reported last week. A new series of attacks targeting industrial, insurance and logistics companies in Israel appears to be the work of Fox Kitten, ClearSky noted in a new report.
A group of Iranian hackers recently posted a video showing how they managed to access an industrial control system at a water facility in Israel. "This gave the attackers easy access to the system and the ability to modify any value in the system, allowing them, for example, to tamper with the water pressure, change the temperature and more. All the adversaries needed was a connection to the world-wide-web, and a web browser," OTORIO said in a blog post.
Threat actors are extorting an Israeli insurance company by demanding almost $1 million in bitcoin to stop leaking the company's stolen data. On Monday, a cybercrime group calling themselves 'BlackShadow' tweeted that they hacked into the Israeli Shirbit insurance company and stole files during the attack.
Israeli spyware maker NSO Group has taken a leaf out of Hollywood in an attempt to avoid any legal repercussions from making and selling tools that hack WhatsApp users' phones. When NSO failed to turn up in court in the US state, Facebook claimed victory; and NSO accused it of lying and having failed to serve the legal documents.
Researchers at Awake Security have published a report on malicious extensions in the Chrome web store, making both specific claims of over 32 million downloads of one malware family, and general claims of weak security in both domain registration and Google's store. This led them to a bunch of malicious browser extensions, 111 in total, which "were found to upload sensitive data or not perform the task they're advertised to perform." A common technique, they said, is that the developer gets a clean version of an extension approved, and later updates it with the malicious payload. Some of the suspicious extensions have a reassuring number of reviews and downloads, in one case more than 22,000 reviews and 10 million downloads, presumably achieved by bot activity. Another popular approach is to clone a genuine extension and bundle it with malware. "Awake has since worked with Google to take down these extensions from the Chrome Web Store," said the report, but no doubt more are on the way.
Israel's national cyber chief Thursday officially acknowledged the country had thwarted a major cyber attack last month against its water systems, an assault widely attributed to arch-enemy Iran, calling it a "synchronized and organized attack" aimed at disrupting key national infrastructure. Had Israel's National Cyber Directorate not detected the attack in real time, he said chlorine or other chemicals could have been mixed into the water source in the wrong proportions and resulted in a "harmful and disastrous" outcome.
Many Israeli websites were hit by a coordinated cyber attack Thursday, with the home pages replaced by images of the country's commercial capital Tel Aviv in flames. It did not state the number of pages targeted but Israeli media reported it was more than 1,000, including those of major firms.
A vulnerability existed in Microsoft's Slack for Suits tool, Teams, that could have let a remote attacker take over accounts by simply sending a malicious GIF, infosec researchers claim. The rest of the Teams vuln was patched last Monday, 20 April.
The owner of the data is Straffic.io, which describes itself as a "private performance marketing network." According to its Facebook page, the company was founded in June 2017. "As of now, all systems are secure, and we did not find evidence of any data misuse or data loss. We continue to investigate and will notify if we find evidence to the contrary. Although we do our very best to protect the security of our service and deeply regret such a vulnerability has been found on our service, it is impossible to create a totally immune system, and these things can occur."