Cyber Bites

UpdraftPlus, a WordPress plugin with over 3 million installations, has been patched following the discovery of a vulnerability by security researcher Marc Montpas. The Wordfence Threat Intelligence team explained in a blog post that the vulnerability enables any logged in user, including subscriber-level users, to download backups made with the plugin. The WordPress security company explained that backups contain a great deal of sensitive information, often including configuration files which can be used to access...

Trickbot, the bane of many cybersecurity professionals lives', has begun to target the customers of 60 major institutions including Wells Fargo and Bank of America. The attacks come through web injections and phishing campaigns. Initially, Trickbot was a relatively simple Banking Trojan similar to Zeus, Agent Tesla, Dridex and DanaBot. Following the retirement of the Dyre botnet in 2016 and the infrastructure supporting the Emotet botnet being disrupted by Europol and the FBI last year,...

The mysterious outage is as yet unexplained and hit Royal Bank of Canada (RBC), Bank of Montreal (BMO), Scotiabank, TD Bank Canada and the Canadian Imperial Bank of Commerce (CIBC). "We are currently experiencing technical issues with our online and mobile banking, as well as our phone systems," an RBC representative confirmed. "Our experts are investigating and working to get this fixed as quickly as possible, but we have no ETA to provide at this time....

The Office of the Inspector General (OIG) has released a report revealing that Baltimore city was tricked out of hundreds of thousands of dollars last year by a cyber-criminal posing as a vendor. After receiving information from Baltimore's Bureau of Accounting and Payroll Services (BAPS) in regards to a suspected fraudulent Electronic Funds Transfer (EFT), the OIG launched the investigation that uncovered the scam. Suspicions arose when a contractor received funds from the Mayor's Office...

Scan text messages claiming to be from NHS Test and Trace have been circulating recently, Cornwall council warns. The messages falsely claim that the recipient has been in close contact with someone that has tested positive for Covid and asks them to click on a link to book a test. The texts are sent from mobile phone numbers. Cornwall Council is advising people to "think twice before clicking any links" "These texts can seem very...

Google has announced that they have doubled the rewards for anyone who can who can demonstrate working exploits for a range of zero-day and one-day vulnerabilities across a variety of platforms. The reward increases are applicable to exploits discovered in the Linux Kernel, Kubernetes, Google Kubernetes Engine (GKE), or kCTF (Kubernetes-based infrastructure for capture the flag exercises). The next review will come at the start of 2023. Rewards for valid one-day security exploits, sometimes known...

A new report from CrowdStrike has revealed that ransomware-related data leaks increased by 82% year-on-year in 2021, but three-fifths of cyber attacks involved no malware whatsoever. The security company’s 2022 Global Threat Report was put together using an analysis of its own incident response engagements and security telemetry. The report revealed that 62% of attacks used legitimate credentials to access networks, a process known as "non-malware, hands-on-keyboard activity" before using "living off the land techniques" to move...

The attacks knocked out the Ukrainian defence ministry's website and two bank networks were knocked out. According to the internet monitoring organisation NetBlocks, the attack hit on Tuesday afternoon and lasted for several hours. In a statement yesterday, the organisation revealed that “NetBlocks metrics confirm the loss of service to multiple banking and online platforms in Ukraine, in a manner consistent with a denial-of-service attack. The incident comes amid heightened tensions with neighbouring Russia.” “Metrics...

Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux, as fix for a high-severity zero-day vulnerability used by cyber-attackers. "Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild," the company said in a security advisory released today. Chrome update will roll out over the coming weeks but it is possible to install the update immediately simply by going into the Chrome menu > Help > About Google Chrome. The vulnerability was detected by Clément...

A data breach at a business services company based in Saginaw, Michigan may have exposed the personal information of 521,00 people. The attack was detected on August 1 last year when data in the company's care became unavailable. The breach comes as a direct result of cyber-criminals targeting Morley Companies.  Michigan attorney general Dana Nessel confirmed on Friday reported "a data security incident that may have impacted data belonging to current employees, former employees and various...