Cyber Bites

Allegedly, military-grade firearms coming from Western countries that were sent to support the Ukrainian army in their fight against Russia have been listed on multiple weapon marketplaces on the dark web. These weapons were supposedly put aside from the received supplies and are now being sold to terrorists looking to buy rocket launchers and other high-impact attack systems. There's a high chance that they have been created by pro-Russian actors for propaganda use, despite appearing...

Emotet malware has deployed a new module that is designed to steal credit card information stored in the Chrome web browser. Exclusively targeting Chrome, the module has the ability to exfiltrate the collected information to different remote command-and-control (C2) servers, according to Proofpoint. The enterprise security company discovered the component on the 6th June. Emotet activity has seen a spike following a 10-month-long absence after its infrastructure was attacked by law enforcement in January 2021....

A new ransomware is selling its decryptor on the gaming platform Roblox using the service's in-game currency, Robux. Roblox is an online kids gaming platform that lets members create and monetize their own games by selling Game Passes. These passes provide various rewards, including special access, enhanced features and in-game items. These passes can only be purchased by an in-game currency called Robux. Yesterday, security researchers, MalwareHunterTeam, found a new ransomware referred to as 'WannaFriendMe'....

The UK government has reportedly acquired its first quantum computer with the aim to help boost research capabilities in cyber-defence and other national security fields. The BBC have reported that The Ministry of Defence (MoD) is set to work with Orca Computing, a UK company, to explore the potential of quantum to enhance the nation's defence systems. The scheme was born out of research developed at the University of Oxford. Orca Computing's aim is to...

A large-scale phishing operation held on Facebook and Messenger to lure millions of users onto phishing pages has been uncovered by researchers. The aim of the operation was to trick victims into entering their credentials and see adverts. These stolen account details were used to send further phishing messages to victim's friends. The aim being to generate significant online advertising commission revenue. The New-York based AI-focused cybersecurity firm, PIXM, said that the campaign, despite being...

As the Follina flaw continues to be exploited in the wild, an unofficial security patch for a new Windows zero-day vulnerability in the Microsoft Diagnostic Tool (MSDT) has been made available. Referenced as DogWalk, the issue relates to a path traversal flaw that, when a potential target opens a specially created ".diagcab" archive file that contains a diagnostics configuration file, can be exploited to stash a malicious executable file to the Windows Start-up folder. The...

This week the UK's social care sector received a boost after NHS Digital released new materials designed to enhance staff cybersecurity awareness. The materials hope to raise awareness of critical threats and risks. The programme was developed in partnership with Digital Social Care, the materials are part of the NHS "Keep IT Confidential" campaign. The campaign covers key areas such as password management, phishing, secure data sharing, the risks of unlocked phone screens, and data...

In 2021 SMS phishing (also known as smishing) attacks more than doubled year-on-year, according to Proofpoint. Cyber-criminals looked to compromise devices by using human error. Proofpoint's latest annual Human Factor report is based on an analysis of over 49 billion URLs, 2.6 billion emails, 1.9 billion attachments, 28 million cloud accounts, 1.7 billion mobile messages and many other data points. The security vendor claimed that the increase in smishing could have occurred as a result of...

On Friday the municipality of Palermo, Italy, suffered a cyberattack. The attack appears to have had an impact on multiple services and operations to both citizens and tourists. Local IT experts have been trying to restore the systems since the attack, however all services, online portals, and public websites remain offline. The impacted systems include the municipal police operations centre, the public video surveillance management, and all of the municipality's services, according to local news...

The Evil Corp Russian hacker group has reportedly changed its attack tactics to avoid sanctions placed on US companies prohibiting them from paying it a ransom. Mandiant, the threat intelligence firm, reported the shift. The firm recently wrote a blog post linking a series of Lockbit ransomware intrusions to UNC2165, a threat cluster that shares numerous overlaps with Evil Corp. In 2019, the US Treasury Department put sanctions on UNC2165 for using the Dridex malware...