Phishing Campaigns and a Biometric Data Breach
Learn about the growing number of phishing campaigns and how Trend Micro caught 2.4 million attacks of this type, a 59% increase from the second half of 2018. Also, millions of sensitive biometric records were found exposed in a massive data breach.
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the ever-increasing number of phishing campaigns and how Trend Micro caught 2.4 million attacks of this type, a 59% increase from 1.5 million in the second half of 2018. Also, read about how millions of sensitive biometric records were found exposed in a massive data breach involving a major biometric security platform.
Microsoft released updates to patch 93 CVEs, along with two advisories, in this month’s Patch Tuesday. The bulletin patches issues in Azure DevOps Server, Internet Explorer, Microsoft Office, Microsoft Windows, Visual Studio and more. The patches address 29 vulnerabilities rated Critical and 64 that were rated Important, and a total of 21 CVEs were disclosed through the Zero Day Initiative (ZDI) program.
About 23 GB worth of data consisting of 27.8 million sensitive biometric records were found exposed in a massive data breach involving biometric security platform BioStar 2, which provides thousands of companies with biometrics security in order to restrict access to buildings and other private areas.
While endpoint detection and response (EDR) is one of the most significant advancements made by endpoint security vendors in the past six years, enterprises need more. Trend’s COO Kevin Simzer discusses these needs and Trend Micro’s new solution to meet them: XDR.
According to a report by Malwarebytes, there has been a 363% year-over-year increase in ransomware attacks against businesses in the first half of the year. Aside from businesses, there has also been a greater number of ransomware attacks targeting different public sectors and local governments since the start of 2019.
A researcher found that custom malware can induce embedded speakers to emit inaudible frequencies at high intensity or blast out audible sounds at high volume. Those aural barrages can potentially harm human hearing, cause tinnitus or have psychological effects, and they highlight the potential for acoustic malware to be distributed and controlled through remote access attacks.
Trend Micro’s VP of Cloud Research, Mark Nunnikhoven, explains the concept of lateral movement, which refers to the techniques cyber attackers use to progressively move through a network post-breach as they search for the key data and assets that are ultimately the target of their attack campaigns.
Recently observed by security researchers, this malware campaign uses a polymorphic HTML application (HTA) and a polymorphic backdoor to evade detection. As in its previous iteration, the threat routine begins with phishing emails to high-value targets.
The Border Gateway Protocol is vulnerable to malicious actors -- and as of right now, little can be done about it from a security perspective, although there have been attempts to make it more reliable. Trend Micro’s Mark Nunnikhoven, VP of cloud research, discusses BGP’s reliability and threat risk.
Credential phishing continues to be a bane for organizations. In the first half of 2019, the Trend Micro™ Cloud App Security™ solution caught 2.4 million attacks of this type, a 59% increase from 1.5 million in the second half of 2018.
Given the expected expansion of industrial internet of things (IIoT), this guide discusses the possible security risks, threats, and scenarios that cybercriminals can abuse to compromise the energy, water, and oil industries. Also included are recommendations on how to defend against these attacks based on Trend Micro (TM) research.
Coinbase’s chief information security officer published an incident report covering the recent attack on the cryptocurrency exchange, revealing a phishing campaign of surprising sophistication. The thwarted attack began with email messages on May 30 to more than a dozen Coinbase employees that appeared to be from Gregory Harris, a research grant administrator at the University of Cambridge in the UK.
Within a span of three weeks, our telemetry uncovered three notable malware variants of Neko, Mirai, and Bashlite. These malware variants enlist infected routers into botnets that are capable of launching distributed denial of service (DDoS) attacks.
In July, our researchers came across a phishing email purporting to be a new order notification, which contained a malicious attachment that leads to the remote access tool Remcos RAT. This attack delivers Remcos using an AutoIt wrapper that incorporates various obfuscation and anti-debugging techniques to evade detection, which is a common method for distributing known malware.
Are you up to speed on our recommendations to avoid possible security risks, threats, and scenarios that cybercriminals can abuse to compromise the energy, water, and oil industries? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.