The Week in Cyber Security News, Dec. 14 - 20
01. Researchers have discovered a new espionage campaign in which attackers are using three different malware variants and exploiting Facebook, Google Docs, Dropbox, and Simplenote as its C&C server to target victims.
02. Foreign adversaries have launched a series of cyberattacks against key US government agencies by exploiting a vulnerability in the way updates are delivered to the Orion networking monitor platform made by SolarWinds.
03. The past 12 months have seen a record number of CVEs published by the US authorities, the fourth year in a row volumes have risen.
04. A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers.
05. As many as three million people have been infected by Chrome and Edge browser extensions that steal personal data and redirect users to ad or phishing sites.
06. In the wake of the SolarWinds breach, the National Security Council has activated an emergency cybersecurity process that is intended to help the government plan its response and recovery efforts.
07. Police in India have arrested 54 people in a raid on an illegal call center that targeted foreign nationals and conned them into transferring money to criminals via Bitcoin wallets and the purchase of gift cards.
08. The hacker who earlier this year claimed to have broken into President Trump’s Twitter account will not be punished, after authorities determined he was 'wearing his white hat' while breaking into the account.
09. The FBI says it is aware of incidents where the DoppelPaymer ransomware gang has resorted to cold-calling companies in order to intimidate and coerce victims into paying ransom demands.
10. Renewable energy supplier People’s Energy has disclosed that cybercriminals accessed the personal details of its entire 250,000 customer database in a data breach.
11. The Australian Competition and Consumer Commission is seeking an unspecified fine from Facebook for promoting a virtual private network as a way for people to protect their data, while secretly using the information to pick targets for commercial acquisitions.
12. Threat actors continue to take advantage of the hype surrounding the release of the videogame Cyberpunk 2077, this time with ransomware targeting Android devices disguised as a legitimate download of the new open-world game.
13. Officials from the FBI and Interpol have seized a small number of servers used by Joker's Stash, the internet's largest marketplace for buying & selling stolen cards, in what they have described as an ongoing "coordinated police operational activity".
14. iPhones belonging to as many as 36 journalists have been infected with malware, which appeared to exploit a vulnerability in Apple’s iOS and could allow attackers to record audio from the phone microphone (including extracting the audio of encrypted phone calls), take pictures, and track device location and access passwords
Thanks for visiting SecAlerts and reading our weekly cyber security news roundup. We offer a free weekly CVE alert service, or an hourly service from $US17/mth, both of which include software updates and news relating to your software stack. Join more than 1,500 other users and sign up.
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.