Cyber News Of The Week - 23rd December 2022

Welcome to our last #CyberNews round-up of 2022! ??

It has been a crazy week for the world of #CyberSecurity this week, with a high-profile #CyberAttack on the UK media, a #phishing warning from the Federal Bureau of Investigation (FBI) , and several new threats emerging.

Here’s what’s been going on in our ever-changing industry over the past 7 days…

1. UK-based newspaper and online media outlet, The Guardian , has been hit by a serious #IT incident, which is believed to be a #ransomware attack. The company’s #technology #infrastructure has been affected, alongside some of its behind-the-scenes services, with many staff being asked to work from home. Little else is known about the attack for now, but we’re sure more information (and the threat actors behind the attack) will emerge soon.

Find out more at TechCrunch : https://techcrunch.com/2022/12/21/the-guardian-ransomware/

2. 微软 has announced that it will be permanently switching off basic authentication on #Exchange Online in January, in an attempt to move all users over to more secure means of #authentication and improve #security.

Find out more at BleepingComputer : https://www.bleepingcomputer.com/news/microsoft/microsoft-will-turn-off-exchange-online-basic-auth-in-january/

3. In a public service announcement released earlier this week, the #FBI warned that threat actors are purchasing online advertisements that impersonate legitimate businesses or services to spread malware and launch phishing attacks. These ads often appear at the top of search result pages and link to sites that look identical to the impersonated company's website, fooling users into providing personal information and/or downloading #malware.

Find out more at BleepingComputer : https://www.bleepingcomputer.com/news/security/fbi-warns-of-search-engine-ads-pushing-malware-phishing/?

4. One of President Joe Biden’s most senior cyber security advisers, Chris Inglis, is expected to step down in the next two months. Inglis has decades of government cyber security experience and has served as National Cyber Director in the White House since July 2021, but is expected to take retirement. The announcement came shortly after the White House released a much-anticipated new national cybersecurity strategy, aimed at encouraging private companies to improve their cyber security defences.

Find out more at CNN : https://edition.cnn.com/2022/12/21/politics/white-house-cyber-official-chris-inglis-to-step-down/index.html

5. The U.S. Department of Justice has announced the arrest of two men allegedly involved in a hacking scheme at John F. Kennedy International Airport (JFK) . The scheme, which targeted the taxi dispatch system at the airport, allowed taxi drivers to pay the hackers a fee to skip the dispatch queue, allowing them to fit in more customers and make more money in a shorter time frame. The dispatch system usually follows a strict queue, with taxi drivers at the back of the queue waiting hours to be dispatched.

Find out more at SecurityWeek : https://www.securityweek.com/two-men-arrested-jfk-airport-taxi-hacking-scheme

6. The Computer Emergency Response Team of Ukraine (known as CERT-UA ) revealed earlier this week that users of the #Delta situational awareness program (the system providing data to the Ukrainian military) received phishing emails from a compromised email account belonging to the Ministry of Defense and Aviation . The emails contained PDF’s with links that would have led to a malware download.

Find out more at The Hacker News : https://thehackernews.com/2022/12/ukraines-delta-military-system-users.html

7. A #TrojanVirus is being used to target banking apps on Android phones, with more than 400 apps across 16 countries affected so far. The malware, like many financial trojans targeting the #Android ecosystem, attempts to steal user credentials by generating a fake overlay screen that is served on top of the target application, forcing users to tap malicious links.

Find out more at The Hacker News : https://thehackernews.com/2022/12/godfather-android-banking-trojan.html?

–

Want to stay updated on all things #CyberSecurityNews? Subscribe to our weekly newsletter by clicking 'Subscribe' at the top of this page!