Cyber Bites

Microsoft issued a patch for an Internet Explorer scripting engine memory corruption vulnerability that could lead remote code execution and that has been detected in the wild. The vulnerability, CVE-2020-0674, carries a CVSS rating of 7.5 and since it has been detected being abused in the wild requires users to update their systems as soon as possible. Source: SC Magazine

With 500,000 staff, making it one of the world’s largest private sector employers, ISS has operations in over 60 countries around the world. It provides building maintenance, janitorial services, office supplies, physical building security, catering and facilities management services to a large roster of enterprise clients. It makes revenues of approximately DKK75bn (£8.4bn) per annum. ISS said the attack began on 17 February. “As a precautionary measure and as part of our standard operating procedure,...

An IT security firm has recovered 9,050,064,764 login credentials in possession by cybercriminals from over 640 data breaches involving emails and usernames secured using plaintext passwords. Password reuse, improper hashing, misconfigured servers, and the use of common weak passwords and common phrases were the main reasons which led to the compromise of users’ accounts. Source: CPO Magazine

A new Emotet campaign is spread via SMS messages pretending to be from banks and may have ties to the TrickBot trojan. Attackers are sending SMS messages purporting to be from victims’ banks – but once they click on the links in the text messages, they are asked to hand over their banking credentials and download a file that infects their systems with the Emotet malware. Source: Threatpost

Health care organizations continue to be a popular target for hackers. According to information from the U.S. Department of Health & Human Services (HHS), over 30 reports of data breaches have been filed by health care entities in the first month and a half of 2020. Although a few reported breaches involved theft or improper disposal of information, the majority of the reported breaches involved hacking/IT incidents and unauthorized access or disclosure. Source: National Law...

The data provided is clearly showing that the UK should be doing a lot more now when securing data. A shocking find from this data was that at least 1,474 devices were reported as being lost; 347 as stolen; and 183 were unknown. Of these devices, just 249 were recovered. Steve Beeching, managing director of Viasat UK has insisted that encrypting devices is not enough when protecting data from hackers. Source: Teiss

The personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week. Besides details for regular tourists and travelers, included in the leaked files are also personal and contact details for celebrities, tech CEOs, reporters, government officials, and employees at some of the world's largest tech companies. Source: ZD Net

While the number of people affected by the coronavirus is climbing daily, it's another form of virus that has analysts worried elsewhere. Coronavirus-themed malware is starting to spread, according to a report by cybersecurity software company Check Point. Several spam campaigns thematically linked to the global epidemic have emerged since the outbreak of the coronavirus in Wuhan, China, according to Check Point's Global Threat Index for January 2020. Source: Mashable

A new email-based form of crypto ransomware is targeting website owners using banners from Google’s AdSense program. According to the report by KrebsonSecurity, the scam involves criminals threatening site owners with a flood of bot and junk traffic to trigger Google’s automated anti-fraud system, leading the suspension of their AdSense account for suspicious traffic. In exchange, the fraudsters are asking for a ransom paid in bitcoin in order to avoid the potential of losing AdSense...

An advanced threat actor has been targeting gambling and betting companies in multiple regions of the globe with malware that links to two Chinese hacker groups. Named "DRBControl" by security researchers, the group uses malware not publicly reported before. The mission appears to be cyberespionage, stealing databases and source code from the targets being part of the operation. Source: Bleeping Computer