Welcome to CyberIntelMag’s weekly roundup! A place where you can find the most important stories in the cybersecurity world from the past week.
The Good News
This week’s good news includes Microsoft strengthening Windows 11 against RDP brute-force attacks, numerous ransomware victims being helped by “No More Ransom” in the past few years, LibreOffice patching three new flaws, Akamai thwarting Europe’s biggest DDoS attack, and much more.
- As part of the latest releases of the Windows 11 OS, Microsoft is now implementing safeguards to counter RDP (Remote Desktop Protocol) brute-force attacks.
- No More Ransom, founded by the collaboration of law enforcement (Europol and the Dutch National Police) and IT security firms (Kaspersky and McAfee), celebrated its 6th anniversary after providing free file recovery assistance to millions of ransomware victims.
- LibreOffice’s developers published security upgrades to address three security holes in the program, one of which might be used to execute arbitrary code on affected PCs.
- Two individuals were detained by the Spanish police on suspicion of being the hackers responsible for cyberattacks against the nation’s radioactivity alert network (RAR) between March and June 2021.
- Akamai, a cybersecurity and cloud service provider, thwarted the largest distributed denial of service (DDoS) attack in Europe. The target experienced dozens of such attacks within a period of just 30 days.
The Bad News
This week’s bad news includes Roaming Mantis financial hackers attacking iPhone and Android users in France, hackers stealing $6 million from Audius, ransomware gang Lockbit hijacking the Italian Revenue Agency, a rise in the global malware volume, a lawmaker from Europe being targeted with spyware, new malware being found in apps on the Google Play Store, and much more.
- After months of widening its scope to include all of Europe, the mobile threat campaign known as Roaming Mantis was linked to a new wave of hacks directed against smartphone users from France.
- A phishing campaign codenamed “Ducktail” surfaced. It targets professionals on LinkedIn with the aim of gaining control of Facebook business accounts that handle the company’s advertising.
- According to new statistics from SonicWall, global ransomware volumes decreased by 23% year over year (YoY) in the first half of 2022, while total malware increased by 11% during the same time.
- IT security experts at NCC Group, based in Manchester, England, described in a technical advisory how Nuki Smart Locks are susceptible to a wide range of attacks.
- Threat actors infiltrated the decentralized music portal Audius over the weekend and grabbed over 18 million AUDIO tokens. At present, the tokens are worth approximately $6 million.
- A fresh group of malicious Android applications containing malware and adware, downloaded around 10 million times on mobile devices, was discovered on the Google Play Store.
- An effort to plant sophisticated monitoring software on the phone of a Greek politician was discovered during a security assessment by the European Parliament, and recent reports link the hack attempt to a famous North Macedonian spyware vendor.
- Hackers who distribute malware through phishing attachments with malicious macros have progressively changed their tactics since Microsoft Office started rejecting such macros. They now use new file formats, including ISO, RAR, and Windows Shortcut (LNK) attachments.
- The ransomware group Lockbit added the Italian Revenue Agency (Agenzia Delle Entrate) to the list of targets recorded on its dark web leak site.
- McAfee’s mobile research team found several apps in the Google Play Store containing new malware. The malware hides itself and continually displays adverts to over 1 million victims. Moreover, its harmful services are launched immediately after installation.
- OneTouchPoint, a provider of mailing and printing services, announced a data breach that affected more than 30 healthcare organizations and health insurance companies.
- Details were released on a security flaw in Dahua’s implementation of the Open Network Video Interface Forum (ONVIF) that, if abused, might result in the takeover of IP cameras.