Cyber Bites

Japanese automaker Honda has been hit by a cyber-attack which has impacted many of its business operations. The attack happened on Sunday 7th June, and led to problems across Honda's IT networks in Europe and Japan. According to multiple reports, cyber actors targeted a Honda server with SNAKE (Ekans) ransomware aiming to cause damage to the company's computer network. While the company has yet to confirm a ransomware attack, it has acknowledged a security incident...

Hackers are attacking high ranking executives of a German multinational corporation part of a government-private sector task force focused on personal protective equipment (PPE) procurement. The attackers behind this pandemic-related spear-phishing campaign have already attempted to steal the user credentials of over 100 senior executives as security researchers at IBM X-Force Incident Response and Intelligence Services (IRIS) said in a report published today. This task force's members have been commissioned by the German government to leverage their expertise and contacts...

The operators of the eCh0raix ransomware have launched another wave of attacks against QNAP network-attached storage (NAS) devices. The eCh0raix gang has been active since June 2019, when they first deployed a first version of their ransomware. Despite having its initial ransomware version decrypted, the group has never disappeared, deploying a newer version that security researchers couldn't crack. The group's activity has slowed down since last summer, primarily because of competition from rival ransomware gangs targeting...

A fake decryptor for the STOP Djvu Ransomware is being distributed that lures already desperate people with the promise of free decryption. Instead of getting their files back for free, they are infected with another ransomware that makes their situation even worse. While ransomware operations such as Maze, REvil, Netwalker, and DoppelPaymer get wide media attention due to their high worth victims, another ransomware called STOP Djvu is infecting more people then all of them combined on...

A sophisticated spear-phishing campaign has targeted companies using Zeplin, a collaboration system heavily used in the software development and product design communities. The campaign, launched in early May by South Korean APT group Higaisa, took special aim at newer users of the service, luring users with files purporting to be a project file and updates to copyright policies. The Prevailion Tailored Intelligence Team, which discovered the campaign, notes in its published report that the malware...

More employees are working from home amidst the global pandemic, but a majority do so without proper training on how to ensure they can keep their organisation safe. More than half are using their personal devices to carry out work tasks, even as they believe these devices are not fully secure against advanced security threats. And this is despite 54% of these employees believing their organisations are more likely to experience a serious cyberattack during...

Singapore currently is developing a wearable device that may be issued to every resident as a way to facilitate contact tracing amidst the COVID-19 pandemic, but the move has sparked public outcry from individuals concerned about their privacy. An online petition urging the public to reject its use has, to date, garnered more than 17,500 signatures. Headlined "Singapore says 'No' to wearable devices for COVID-19 contact tracing", the online petition describes the implementation of such devices as...

Chinese and Iranian state-sponsored hackers have been caught targeting the Trump and Biden Presidential campaigns, according to Google. Shane Huntley, director of Google’s Threat Analysis Group, revealed the news in a couple of tweets yesterday. He confirmed that there was no sign the attacks had led to compromise. “We sent users our govt attack warning and we referred to fed law enforcement,” Huntley added. “If you are working on a campaign this election cycle, your personal accounts...

Cybercriminals gained access to systems owned by US military contractor Westech International according to reports from Sky News.The hackers stole top secret nuclear missile data, encrypted hard drives and began leaking documents in an extortion attempt. The breached company is a sub-contractor for Northrup Grumman, which provides engineering and maintenance support for the Minuteman III intercontinental ballistic missiles. Westech is based in Albuquerque and was formed in 1995 by Dr. Betty Chao. Sky News said...

Criminals are using resumes to hide malicious payloads in a business climate that has seen hundreds of thousands of individuals searching for jobs. According to new research, the fake CVs disguise banking trojans and data stealers in macros within Microsoft Excel files. Researchers at Check Point Software say that a new campaign of Zloader malware has been part of an overall doubling of resume-based subterfuge in the last two months. A similar campaign involving the TrickBot loader...