Last updated on August 1st, 2023 at 03:46 pm
We’ve gathered dark web insights, cyber security news, vulnerabilities, and CVEs, ransomware for you. Enjoy!
Table of Contents
Important Security News
What happened in cyberspace in the last two weeks? Here is a quick shot of security news from the world.
A New Trojan Pest Detected Targeting Android Users in Poland and Australia: Chameleon
A new banking trojan called Chameleon has been discovered by cybersecurity researchers, specifically targeting Android users in Poland and Australia. Besides the CoinSpot app, the trojan, active since January, mimics other popular apps, including an Australian government agency and the Polish IKO Bank.
The trojan is spread via compromised websites, Bitbucket hosting services, and Discord attachments. It has been observed that threat actors create the application icon by imitating the icons of ChatGPT, Chrome, and Bitcoin to distribute the malware.
In this way, malware does not arouse suspicion from users.
One of the notable features of Chameleon is its unique commands, which do not appear to be associated with any known Trojan families. This shows that the malware may be a new strain, and researchers believe it is still in its early stages of development and comes with limited capabilities.
Chameleon poses a significant threat to Android users with its usual banking trojan capabilities such as keylogging, SMS collection, launching overlay attacks and stealing cookies. In addition, the malware includes a lock catcher module that can detect if an Android device user is using a PIN, password or swipe. Chameleon can also disable Google Play Protect, making it harder for users to see and remove malware.
Although the current variant of Chameleon is not highly sophisticated, cybersecurity experts warn that it still abuses Accessibility Services.
This allows attackers to upgrade the malware further and cause more damage.
As a result, users are advised to be cautious when;
- Links received via e-mails or text messages from unknown senders,
- Always keep systems up to date, and
- Take advantage of comprehensive security solutions.
Western Digital Suffers A Security Breach That Puts Its Internal Data In Danger
Western Digital, a famous Silicon Valley-based American computer drive manufacturer and data storage company, has been hit by a recent data breach, according to a report by TechCrunch.
The hackers claim to have stolen more than 10TB of sensitive data from the storage company, demanding more than $10 million in ransom. Still, Western Digital is refusing to cooperate with the hackers. Besides, the cybercriminals shared a sample of the stolen information with tech bloggers, who confirmed its authenticity.
Earlier this month, the company disclosed that an unauthorized third party had access to multiple systems used within the organization. The storage company did not provide further details about the attack’s size but continued coordinating with law enforcement and forensic cybersecurity experts.
The attack forced Western Digital’s cloud network out of action for nearly two weeks, and the company has only recently managed to get the consumer service My Cloud back online. The hackers claim to have customer information and sensitive company data, such as the cellphone numbers of the company’s top executives.
It remains unclear who is behind the attack. The hackers have not identified themselves, but they have warned that they will release the stolen data onto the hacking website Alphv if they do not receive the ransom from Western Digital.
The storage company has not confirmed whether the leaked information includes customers’ sensitive information, such as SSNs, DOBs, and banking information. Western Digital has also yet to ensure whether customer files were lost because of the security breach.
If the stolen data is released, it could harm the reputation of the publicly traded computer storage manufacturer. In this context, to avoid being the target of similar security breaches, it is recommended to consider some of the security measures given below.
- The system, software, program and other inventories used in the institution/organization should be used in the current versions where the vulnerabilities are eliminated.
- Institution/organization personnel should know about possible social engineering and phishing attacks.
- Comprehensive security solutions should be deployed in the organization’s network, and traffic should be proactively monitored to detect potential cyber attack attempts.
- Using the Brandefense Threat Intelligence platform, a DPRS solution, is recommended to detect cyber threats and attacks targeting the brand and take quick action.
🔥URGENT: IRDA hit by Lockbit ransomware! Sensitive data leaked 💼🆔 & ransom deadline: April 18⏳ Don’t become the next victim! Stay informed & protect yourself with our in-depth analysis of Lockbit’s: https://t.co/TQrq3B5dly #CyberSecurity #IRDA💡 pic.twitter.com/LKfNHu60ld
— BRANDEFENSE | Digital Risk Protection Service (@Brandefense) April 13, 2023
- Sophos EDR & Checkpoint Harmony EDR security software found for sale on the deep web! In nature, these products are used for malware detection. Threat actors may use them to test & evade the detection of their own malware.
- The pro-Russian hacker group Noname057(16) has launched DDoS attacks on energy companies based in Germany and Sweden – RWE & Vatenfall – citing political conflict related to the Russia-Ukraine war.
Security News Headings
- Intel CPUs Vulnerable to New Transient Execution Side-Channel Attack
- Yellow Pages Canada Confirms Cyber Attack as Black Basta Leaks Data
- Decoy Dog Malware Toolkit Found After Analyzing 70 Billion DNS Queries
- EvilExtractor Malware Activity Spikes in Europe and the U.S.