Weekly Cybersecurity News
Ayushman Singh
Community Manager
We share this week’s important news of current events in the world of cybersecurity that directly or indirectly impact our lives as well as operations of businesses, various institutions and organizations, and governments-nation states in this highly digitalized and interconnected world.
Jamf’s Security 360 report exposes widespread cybersecurity shortcomings, emphasizing vulnerabilities in mobile devices (40% users, 39% organizations) and a rise in MacOS malware, notably Trojans (17%). Successful phishing attacks are 50% more likely on mobiles than Macs, while 20% of organizations face impacts from malicious network traffic. The report urges organizations to bolster security practices amid growing cyber threats.
Anatsa Android malware downloaded 150,000 times via Google Play:The Anatsa banking trojan has infected Android devices through malware droppers hosted on Google Play. Targeting users in Europe, the malware has been downloaded at least 150,000 times in the past four months. The campaigns focus on specific regions and use dropper apps, such as fake PDF viewers and phone cleaners, to increase credibility. The dropper apps employ a multi-staged infection process, abusing Android’s Accessibility Service to bypass security measures. While Google has removed some Anatsa dropper apps, the threat persists, with the total number of downloads expected to increase. The malware poses a risk of financial fraud, and users are advised to scrutinize app permissions and sources.
European Parliament defense subcommittee phones show ‘traces’ of hacking:Traces of hacking were found on phones of European Parliament’s Subcommittee on Security and Defense members, prompting a warning for checks. The Parliament is on guard for cyberattacks ahead of elections, with a history of spyware detections on members’ phones. Recent revelations in Poland about Pegasus spyware highlight Europe’s commercial spyware problem, threatening democratic processes. The European Parliament had previously established an investigating committee regarding the use of spyware by several governments across Europe.
IBM: Europe was the world’s most targeted region for cyberattacks in 2023:In 2023, Europe became the most targeted region for cyberattacks, accounting for 32% of incidents analyzed by IBM, surpassing Asia-Pacific and North America. The research indicates a significant rise in attacks exploiting valid user identities, which increased by 71% year-over-year. This method became the most common entry point for cybercriminals globally, alongside phishing. Within Europe, the UK was the most targeted country, with 27% of attacks, followed by Germany (15%) and Denmark (14%). Factors contributing to Europe’s attractiveness for hackers include the region’s prominence in ransomware attacks and widespread use of cloud platforms.
Stealthy backdoor Mac malware that can wipe out your files:The SpectralBlur backdoor malware, created by the Lazarus hacking group from North Korea, has targeted Mac users, capable of wiping out files without detection. This sophisticated malware went undetected for some time, with antivirus software on Mac initially unable to pick it up. SpectralBlur enters systems through vulnerabilities, phishing attacks, or malicious links/downloads. Once installed, it grants remote access to the attacker, allowing them to manipulate files, steal sensitive information, deploy additional malware, and execute various commands. The malware uses tactics like utilizing Mac’s sleep and hibernate commands, file wiping, and dynamic configuration updates to evade detection. Mac users are advised to update their operating systems regularly, install reliable antivirus software, exercise caution with email attachments and downloads, and maintain regular backups of important data to protect against SpectralBlur and similar threats.
Attack velocity surges with average breakout time down to only 62 minutes:The speed of cyberattacks is rapidly increasing, with the average breakout time down to 62 minutes, according to a CrowdStrike report. Adversaries exploit stolen credentials, leading to a 60% rise in interactive intrusions. Cloud intrusions increased by 75%, with a 110% surge in cloud-conscious cases year-over-year. The report predicts the use of generative AI in cyber activities in 2024. Nation-state actors are expected to conduct disinformation operations during over 40 democratic elections in 2024. CrowdStrike emphasizes a platform-approach, utilizing threat intelligence and hunting, for comprehensive cybersecurity.
Signal Finally Rolls Out Usernames, So You Can Keep Your Phone Number Private:Signal has introduced a new set of features aimed at enhancing phone number privacy on its end-to-end encrypted messenger app. The features, currently in beta, allow users to conceal their phone numbers and share a chosen username instead. The default setting ensures that a user’s phone number is not visible in their Signal profile unless the number is saved in someone else’s phone address book. Users can also opt to create and share a unique username or QR code, making it easier to connect without exposing their phone number. Additionally, users can choose to disable both the visibility and discoverability of their phone number, requiring others to have their username to connect. While these features represent a significant improvement for privacy, Signal still requires users to share their phone number during registration, which some critics argue compromises anonymity.
Bye-bye identity theft: how biometrics can revolutionize security:Biometric authentication, specifically using unique biometric identifiers, underlined by blockchain technology, can revolutionize security and is the future of digital security. The use of self-sovereign identity technology will give consumers ownership and control over their personal data, ultimately preventing identity fraud. The rise in fraud, phishing attacks, and data leaks during the pandemic and its aftermath has exacerbated the need for the adoption of biometrically validated digital IDs, stored on decentralized blockchains, to enhance data security and privacy. The verified digital IDs will become the standard, replacing passwords and traditional forms of authentication.
Fraudsters have found creative ways to scam some businesses:Experian reports that 70% of businesses note an increase in fraud losses, while over half of consumers feel more targeted by fraud compared to the previous year. To combat fraud in 2024, Experian recommends sophisticated fraud protection solutions utilizing data and technology.
Amount of fraud in UK more than doubled to £2.3bn in 2023, report finds:The UK experienced a surge in fraud, reaching £2.3 billion in 2023, the second-highest in two decades, according to a BDO report. High-value cases over £50 million increased by 60%, with concerns raised about the future impact of fraudsters using artificial intelligence. The rise is attributed to online scams, phishing, and system breaches. UK banks have warned of a scam epidemic.
Relevant tags:
Published on Medium
