20-Mar-24: In Security News Today

Tax Hackers Attack Small Business With Phishing Emails

Threat actors are using tax phishing attacks to target small business owners and self-employed individuals in an attempt to compromise Social Security numbers. The scammers are obtaining email lists of self-employed US residents, offering fake links to apply for federal identification numbers, and then requesting extensive personal information including Social Security numbers. Malwarebytes Labs warns that awareness is crucial to prevent falling victim to these scams, advising individuals to verify email origins, be cautious of requests for personal information, and avoid rushing into decisions prompted by a sense of urgency.

Hackers Posing as Law Firms Phish Global Orgs in Multiple Languages

The cybercriminal group known as Narwhal Spider recently conducted a phishing campaign targeting companies by sending malicious PDFs disguised as legal invoices. The group exploited a one-day vulnerability in Windows SmartScreen and used a downloader called WikiLoader for command-and-control. Organizations are advised to watch for suspicious traffic patterns and educate employees on identifying phishing emails to protect against such attacks.

Chrome and Firefox Patch Serious Vulnerabilities

Recent updates for Chrome 123 and Firefox 124 address a critical-severity vulnerability and multiple high-severity flaws. Chrome patched 12 bugs, including a high-severity issue in the V8 engine, while Firefox fixed critical memory safety bugs that could allow arbitrary code execution. These patches highlight the ongoing efforts to secure web browsers against exploitation.

UK Government: 75% of UK Businesses Experienced a Cyber Incident in 2023

A recent UK government report revealed that a high percentage of businesses and charities in the UK have experienced cybersecurity incidents in the past year, with limited improvements in cybersecurity posture. The report highlighted differences in cybersecurity approaches between businesses and charities, emphasizing the importance of boardroom involvement and regular discussions on cybersecurity. The findings underscore the need for organizations to prioritize cyber resilience and move away from treating cybersecurity as solely an IT issue, especially in the face of increasing cyber threats.

Russian Intelligence Targets Victims Worldwide in Rapid-Fire Cyberattacks

Russian state hackers, identified as Fancy Bear, are conducting targeted phishing campaigns across nine countries, utilizing official-looking government documents to steal strategic intelligence. These sophisticated attacks involve at least 11 unique lures and target sensitive information beneficial to the Russian government. The specificity and apparent legitimacy of the documents used in these campaigns indicate a high level of sophistication, and the campaigns aim to infiltrate various sectors, including finance and defense.

Attacker Caught Stealing Personal Data of 132,000 Individuals

Robert Purbeck from Idaho has pleaded guilty to hacking and data theft, involving over 132,000 records from medical clinics and a police department, carried out between 2017 and 2018. As part of his plea, Purbeck has agreed to pay over $1 million in restitution. This case emphasizes the significant legal repercussions for cybercriminals and the importance of cybersecurity vigilance.

1 in 4 Organizations Shut Down OT Operations Due to Cyberattacks: Survey

A Palo Alto Networks survey reveals that many industrial organizations face cyberattacks, with one in four needing to shut down operational technology (OT) operations as a result. These disruptions not only lead to immediate revenue loss but also incur long-term reputational and financial damages. The survey emphasizes the importance of enhancing OT cybersecurity measures and the collaborative role of IT and OT in mitigating threats.

CISA Warns Critical Infrastructure Leaders of Chinese State-Sponsored Attacker: Volt Typhoon

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the imminent threat posed by People’s Republic of China state-sponsored cyber actors known as ‘Volt Typhoon.’ CISA, along with NSA, FBI, and other partners, released an advisory confirming Volt Typhoon’s active infiltration of US critical infrastructure networks. The advisory emphasizes the need for organizations to prioritize cybersecurity measures, empower cybersecurity teams, secure supply chains, and enhance incident response plans to defend against Volt Typhoon and other malicious cyber activities.

India’s Android Users Hit by Malware-as-a-Service Campaign

A malware-as-a-service campaign is aggressively targeting Android users in India, distributing malicious APKs disguised as utility apps to steal banking and personal data. Broadcom’s analysis reveals that these APK packages aim to harvest sensitive information like SMS messages and banking details. Android users are advised to safeguard their devices by only downloading apps from trusted sources and staying informed about potential security threats.

Spa Grand Prix Email Account Hacked to Phish Banking Info from Fans

Hackers compromised the official contact email of the Spa Grand Prix event to lure fans to a fake website offering a €50 gift voucher, aiming to collect banking information. The race organizer promptly responded by alerting customers, enhancing security measures, and involving the Belgian cyber police in a criminal investigation. The incident did not affect the official website’s security, and impacted individuals are advised to contact the Spa Grand Prix secretariat for assistance.

Here’s Why Twitter Sends You to a Different Site Than What You Clicked

Twitter users have reported being redirected to unexpected websites when clicking on links in posts or ads due to a vulnerability in how Twitter handles external link previews. This flaw allows malicious actors to deceive users by displaying a legitimate website name while redirecting them to a malicious site, such as a Telegram account promoting scams. The issue is exacerbated on mobile apps where users cannot hover over links to verify their destination, making it crucial for users to exercise caution and avoid clicking on links without verifying the URL.

Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.