Cyber Bites

Last week Microsoft's Digital Crimes Unit (DCU) disclosed that it had taken legal proceedings against an Iranian threat actor dubbed Bohrium, linked with a spear-phishing operation. Bohrium is said to have targeted multiple entities in the U.S., India and the Middle East, including across transportation, tech, education, and government sectors. In a Tweet Amy Hogan-Burney of the DCU said, "Bohrium actors create fake social media profiles, often posing as recruiters... Once personal information was obtained from...

On Monday, a senior cybersecurity official said that the phones of Ukrainian officials had been targeted by hackers as Russia pursues its invasion of Ukraine. The deputy head of Ukraine's State Special Communications Service, Victor Zhora, said that phones used by Ukraine's public servants were the subject of sustained targeting. At an online news conference held to mark the 100 days since Russian forces invaded, Zhora said, "we see a lot of attempts to hack Ukrainian...

A critical vulnerability in the Unisoc Tiger T700 chips that power the Motorola Moto G20, E30 and E40 smartphones has been found by the cyber-threat intelligence firm Checkpoint Research (CPR). These components have been marked as threat vectors due to a stack overflow vulnerability. The Unisoc Tiger T700 chip replaced MediaTek's chips in these devices due to a global shortage. As a result of the flaw, the smartphones were found to be missing the check...

The IT systems of Gloucester City Council are still not fully operational almost six months after Russian hacker targeting. The servers were compromised on December 20th last year, the council acknowledged. Many of the online services were disrupted, including council tax support, track and trace support payments, and housing benefits. The systems were targeted by a phishing "sleeper" malware, contracted by a third party, which reportedly encrypted files. According to reports, to recover and remediate...

Apple has announced that, in 2021, it prevented over 1.6 million risky and untrustworthy apps and app updates from reaching the App Store and stopped over $1.5 billion in fraudulent transactions. Apple produced its first fraud prevention analysis last year with information about 2020. Last year's report showed that Apple had prevented one million potentially bad apps from the App Store and protected customers from nearly $1.5 billion in potentially fraudulent transactions. In 2021, Apple...

A suspected state-aligned threat actor has been linked to a fresh set of attacks exploiting the Microsoft Office "Follina" vulnerability to target government entities across the U.S. and Europe. Proofpoint, an enterprise security firm, said that it blocked attempts at exploiting the remote code execution flaw. The flaw is being tracked CVE-2022-30190 (CVSS Score: 7.8). More than 1,000 phishing messages containing a lure document were sent to the various targets. Proofpoint said in a series...

In an attempt to streamline information flows across a fragmented global supply chain, Singapore has officially launched a centralised data platform. The data exchange has already gained the support of more than 70 participants, including banks, logistics operators, and energy companies. The new common data platform, called Singapore Trade Data Exchange (SGTraDex), was introduced in November 2020 as a pilot scheme. The scheme aimed to improve data efficiencies in container flow and financial processes. The...

The website for Russia's Ministry of Construction, Housing and Utilities has reportedly been hacked. An internet search for the site lead users to a "Glory to Ukraine" sign in Ukrainian. On Sunday, Russia's state news agency, RIA, quoted a representative from the ministry, revealing that the site was down, however users' personal data was unaffected. According to the RIA, the hackers were demanding a ransom to prevent the disclosure of sensitive data to the public....

A budget Turkish airline has misconfigured an AWS bucket, resulting in the exposure of flight and source code data, alongside the personal information of crew members. A research team in the employ of SafetyDetectives discovered the cloud data trove was publicly available on February 28. Some of the information was traced back to Electronic Flight Bag (EFB) software developed by Pegasus Airlines. An EFB is an information management tool designed to aid in the productivity...

Italy's Computer Security Incident Response Team (CSIRT) issued an urgent alert on Monday, warning organisations of the significant risk of cyberattack against national entities. The Italian organisation is referring to DDoS (distributed denial-of-service) attacks which, while not necessarily catastrophic, can cause significant damage due to service outages and disruptions. “There continue to be signs and threats of possible imminent attacks against, in particular, national public entities, private entities providing a public utility service or private...