Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read about Apple’s latest security patches that address three zero-day flaws. Also, learn about a new information stealer called ‘Panda Stealer’ that’s being delivered via spam emails and targeting cryptocurrency wallets.
Read on:
New Panda Stealer Targets Cryptocurrency Wallets
In April, Trend Micro observed a new information stealer called ‘Panda Stealer’ being delivered via spam emails. Once installed, Panda Stealer can collect details like private keys and records of past transactions from its victim’s digital currency wallets, steal credentials from other applications such as NordVPN, Telegram, Discord, and Steam, and take screenshots of the infected computer. Based on Trend Micro's telemetry, the U.S., Australia, Japan and Germany were among the most affected countries.
Apple Releases Urgent Security Patches for Zero‑Day Bugs Under Active Attacks
Apple released security updates for iOS, macOS, and watchOS to address three zero-day flaws and expand patches for a fourth vulnerability that the company said might have been exploited in the wild. The weaknesses all concern WebKit, the browser engine that powers Safari and third-party web browsers on iOS, and allow an adversary to execute arbitrary code on target devices.
Proxylogon: A Coinminer, a Ransomware and a Botnet Join the Party
The emergence of several zero-day exploits relating to ProxyLogon, a Microsoft Exchange Server vulnerability that was discovered in late 2020, has allowed several threat actors to carry out attacks against unpatched systems. Trend Micro’s telemetry showed three malware families taking advantage of the ProxyLogon vulnerability: the coinminer LemonDuck, the ransomware BlackKingdom, and the Prometei botnet.
How Do I Select a DLP Solution for My Business?
Data loss prevention (DLP) has become even more important in the last year. Since the pandemic has made companies shift to a remote workforce model, cybersecurity threats have become increasingly complex and data security even more fragile. Companies need to adapt their DLP strategies to the new normal and harden their defenses. In this article, Greg Young, VP of Cybersecurity at Trend Micro, shares his recommendation for selecting a DLP solution.
Mutated Scams: How to Protect Yourself from Pandemic-Fueled Cyberfraud
Scammers took advantage of the surge in online activity during the pandemic, targeting businesses and buyers that were settling into new ways of transacting. The evolution of these crimes can be classified into four categories: online shopping, food delivery apps, messaging apps and government assistance. In this blog, learn about the new scams, recommendations to avoid becoming a victim, and predictions on whether these new forms of crime will stay active post-pandemic.
Trend Micro Debuts TXOne StellarProtect Industrial-Grade Endpoint Protection for ICS Devices
Trend Micro released its TXOne StellarProtect, an all-terrain endpoint protection defensive solution, custom-engineered for operational technology (OT) environments. The OT-native endpoint security solution is provided as part of its total security solution for smart factories and is developed by TXOne Networks, a company formed by a joint venture of Trend Micro and Moxa.
MITRE ATT&CK for Containers: Why It Matters
The complexity of containers demands something to make sense of it all. Builders, operations teams and security teams need a single language to understand the risk associated with containers. The MITRE ATT&CK Framework continues to evolve by adding known attack profiles and new attack techniques. Trend Micro’s research team collaborated with MITRE to provide evidence of real-world attacks that supported seven MITRE Techniques.
XDR to Succeed Legacy Technologies as Emerging Threats Pressure Security
Extended detection and response (XDR) has emerged as the most effective technology for enterprises to discover and hunt down cyberthreats within IT environments and across various business tools. "XDR collects more telemetry to see stealthy attacks, using machine learning to join together individual events to form high confidence decisions and selective blocking options," said Greg Young, VP of cybersecurity at Trend Micro.
How Cybercriminals Abuse OpenBullet for Credential Stuffing
Due to OpenBullet’s popularity, a whole market for trading configuration scripts has formed in the underground, with cybercriminals exploiting OpenBullet to brute-force their way into targeted accounts. This blog explores how threat actors compromise the supply chain of OpenBullet configuration scripts and recommends ways for users to remain protected from credential stuffing attacks that lead to account takeovers.
CISA Used New Subpoena Power to Contact US Companies Vulnerable to Hacking
The Department of Homeland Security’s cybersecurity agency used a new subpoena power last week to contact at least one U.S. internet service provider with customers whose software is vulnerable to hacking. It’s an authority that the DHS’s Cybersecurity and Infrastructure Security Agency has long sought, as agency officials struggled to communicate with some technology firms before flaws in their equipment became public and risked exploitation by state-linked or criminal hackers.
How Trend Micro Helps Manage Exploited Vulnerabilities
As technological innovations evolve, protecting companies from cyber threats tomorrow secures their businesses today. In this blog, read about how Trend Micro protects customers from vulnerability exploits by blocking them as early as possible.
Do you think the new pandemic-fueled cyberfraud will continue post-pandemic? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.