Security News
Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of U-Admin, a software package used to administer what's being called "One of the world's largest phishing services." The operation was carried out in coordination with the FBI and authorities in Australia, which was particularly hard hit by phishing scams perpetrated by U-Admin customers. The Ukrainian attorney general's office said it worked with the nation's police force to identify a 39-year-old man from the Ternopil region who developed a phishing package and special administrative panel for the product.
Law enforcement officials in Ukraine, in coordination with authorities from the U.S. and Australia, last week shut down one of the world's largest phishing services, which was used to attack financial institutions in 11 countries, causing tens of millions of dollars in losses. The Ukrainian attorney general's office said it worked with the National Police and its Main Investigation Department to identify a 39-year-old man from the Ternopil region who developed a phishing package and a special administrative panel for the service, which were then aimed at several banks located in Australia, Spain, the U.S., Italy, Chile, the Netherlands, Mexico, France, Switzerland, Germany, and the U.K. Computer equipment, mobile phones, and hard drives were seized as part of five authorized searches conducted during the course of the operation.
On the receiving end, a successful phishing campaign can damage an organization in more ways than one. A report released Sunday by security provider Proofpoint looks at the impact of a phishing attack and offers tips on how to combat one.
A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment. Samuel Morse and Alfred Vail invented Morse code as a way of transmitting messages across telegraph wire.
Microsoft has warned of an increasing number of consent phishing attacks targeting remote workers during recent months, BleepingComputer has learned. Consent phishing is an application-based attack variant where the attackers attempt to trick targets into providing malicious Office 365 OAuth apps with access to their Office 365 accounts.
IRONSCALES announced new platform features as part of its new release to further improve the company's ability to detect advanced and highly targeted phishing attacks, especially those focused on credential harvesting and account takeover. IRONSCALES unveiled improvements to its phishing awareness training module with the addition of a "One-click campaign" feature offering a more seamless process for security teams to test employees' individual phishing awareness via targeted simulations.
Threat actors are sending phishing emails impersonating a Small Business Administration lender to prey on US business owners who want to apply for a Paycheck Protection Program loan to keep their business going during the COVID-19 crisis. The attackers behind this phishing campaign are taking advantage of the ongoing financial problems some businesses are experiencing due to the pandemic to lure them into handing over sensitive business and personal info.
The proprietors of the phishing service were variously known on cybercrime forums under handles such as SMSBandits, "Gmuni," "Bamit9," and "Uncle Munis." SMS Bandits offered an SMS phishing service for the mass sending of text messages designed to phish account credentials for different popular websites and steal personal and financial data for resale. Sasha Angus is a partner at Scylla Intel, a cyber intelligence startup that did a great deal of research into the SMS Bandits leading up to the arrest.
"Serious" vulnerability found in Libgcrypt, GnuPG's cryptographic library: Libgcrypt 1.9.0, the newest version of a cryptographic library integrated in the GNU Privacy Guard free encryption software, has a "Severe" security vulnerability and should not be used, warned Werner Koch.
Sudo vulnerability allows attackers to gain root privileges on Linux systems: A vulnerability in sudo, a powerful and near-ubiquitous open-source utility used on major Linux and Unix-like operating systems, could allow any unprivileged local user to gain root privileges on a vulnerable host.
Attackers are tricking employees into logging into phishing sites.