CyberIntelMag's Threat report

Weekly Cyber Threat Report, October 25 – October 29, 2021

Welcome to CyberIntelMag’s weekly roundup! A place where you can find the most important stories in the cybersecurity world from the past week.

From the good news:

This week’s good news includes Hitachi, Trend Micro, and Microsoft Japan coming together for boosting connected cars’ security, Chrome update fixing the latest zero-day vulnerabilities, Schreiber Foods coming back to normal after the cyberattack, Adobe fixing more than 90 vulnerabilities, and others.

  • Adobe provided fixes for 92 documented vulnerabilities in all. Of them, more than 60 constitute a remote code execution risk. Adobe clarified that they aren’t used in attacks and didn’t expect them to be exploited in the future.
  • Hitachi, Trend Micro, and Microsoft Japan have agreed to collaborate to provide security solutions that detect, analyze, and respond to cyberattacks on autos and connected cars’ peripheral systems. This collaboration is expected to prevent worldwide ever-evolving cyber threats.
  • TrickBot malware’s creator is extradited to the U.S. and may get the punishment of 60 years in jail. His arrest and sentencing will send a message to everyone who engages in such misconduct that they will face harsh consequences.
  • The Australian government has unleashed a new pilot program to capture phishing texts that look like originating from government agencies. Millions of dollars (AUD) are also being spent by the government on cyber education initiatives.
  • Google patched two Chrome zero-day vulnerabilities CVE-2021-38000 and CVE-2021-38003, among other bugs, and it launched a new version to address them. The latest update addresses a total of eight flaws. Google recommends users update and install the latest versions as soon as possible.
  • Recently, Schreiber Foods suffered a ransomware attack that led to the shut down of its milk factories. The good news is that they’ve made significant progress, and on Monday, October 25, their plants began to operate again.

From the bad news:

We’ve learned that almost all US executives experience a cyber threat attack, cyberattacks can be triggered by natural catastrophes, threat actors using a new squirrelwaffle loader, a bug in a WordPress plugin impacted millions of sites, and more.

  • According to experts, cybercriminals might take advantage of natural catastrophes such as hurricanes, tornadoes, and wildfires to wreak havoc on key infrastructures, such as transportation, water and sewer systems, emergency response, and hospitals, as they become more sophisticated.
  • A new malspam campaign has emerged that uses squirrelwaffle loader to install more malware like Cobalt Strike and Qakbot. It also communicates with a remote attacker-controlled server in order to collect secondary payloads, making it a versatile tool.
  • As per a Deloitte survey, almost all US executives have been exposed to at least one cybersecurity incident over the last year. Disruption (28%), a reduction in share value (24%), intellectual property theft (22%), and harm to reputation, which leads to a loss of consumer confidence (22%), are all prevalent following an incident.
  • A vulnerability, CVE-2021-39341, has affected the WordPress plugin – OptinMonster. On about a million WordPress sites, it allows illegal API access and critical information exposure. As OptinMonster versions earlier than 2.6.5 are affected by this vulnerability, all users of this plugin must upgrade to version 2.6.5 or later.
  • Phishing emails by cybercriminals use QR codes to get passwords and usernames for business cloud services such as Microsoft 365. Because standard email security precautions such as URL scanners won’t pick up any evidence of a suspicious link or attachment in the message, QR codes can be beneficial in efforts at criminal conduct.
  • In the prior year, 78% of organizations reported an increasing number of non-business IoT devices on corporate networks. Cybercriminals may use IoT sensors to hack a company’s network and deploy cyberattacks, like ransomware.
  • macOS systems are at a target of cybercriminals exploiting a new “Shrootless” vulnerability. It enables a malicious actor to create a specially crafted file that will hijack the installation process.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.