Pulse Secure fixes VPN zero-day used to hack high-value targets
Apple releases fixes for three WebKit zero-days, additional patches for a fourth
Spam and phishing in Q1 2021
securelist.com/spam-and-phishing-in-q1-2021/102018/ Several instances of scammers using the COVID-19 pandemic as a lure. See article for screenshots of the phishing campaigns.
Spearphishing Attack Uses COVID-21 Lure to Target Ukrainian Government
www.fortinet.com/blog/threat-research/spearphishing-attack-uses-covid-21-lure-to-target-ukrainian-government Spearphishing emails were sent to various security arms of the Ukrainian government utilizing social engineering lures containing subjects such as: “New COVID-21 Variant” and “An Urgent Computer Update”. This latest iteration of the COVID-themed lures we have been seeing over the past year is not about COVID-19, but a fictitious COVID-21 (bypassing the equally fictitious COVID-20 entirely!) using a fake World Health Organization (WHO) link.
NSA releases Cybersecurity Advisory (CSA) on Ensuring Security of Operational Technology
www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2589103/nsa-releases-cybersecurity-advisory-on-ensuring-security-of-operational-technol/ The CSA details how to evaluate risks to systems and improve the security of connections between OT and enterprise networks. Information technology (IT) exploitation can serve as a pivot point for OT exploitation, so carefully evaluating the risk of connectivity between IT and OT systems is necessary to ensure unique cybersecurity requirements are met.
New Variant of Buer Loader Written in Rust
www.proofpoint.com/us/blog/threat-insight/new-variant-buer-loader-written-rust The new Buer variant is written in Rust, an efficient and easy-to-use programming language that is becoming increasingly popular. Proofpoint is calling this variant RustyBuer. Rewriting the malware in Rust enables the threat actor to better evade existing Buer detection capabilities.
A Second Iranian State-Sponsored Ransomware Operation “Project Signal” Emerges
www.flashpoint-intel.com/blog/second-iranian-ransomware-operation-project-signal-emerges/ Flashpoint has validated recently leaked documents that indicate Iran’s Islamic Revolutionary Guard Corps (IRGC) was operating a state-sponsored ransomware campaign through an Iranian contracting company.
Experian API Exposed Credit Scores of Most Americans
krebsonsecurity.com/2021/04/experian-api-exposed-credit-scores-of-most-americans/ American consumer credit bureau Experian just fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address.