24 JANUARY 2023 WEEKLY NEWSLETTER

BOCRA website

     

 

Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud


LATEST CYBER HACKS

PLAY ransomware group claims attack on Arnold Clark, one of Britain’s largest car dealerships

Sensitive personal data allegedly stolen from Arnold Clark, one of the United Kingdom’s largest car dealerships, has been posted online by the PLAY ransomware group.

Hacktivist Discovered U.S. No Fly List on Unsecured Airline Server

A copy of the No Fly List from 2019 has leaked, uncovered by a Swiss cybersecurity researcher and hacktivist who claims to have discovered it on an unsecured internet server belonging to an airline.

Electronic health record giant NextGen dealing with cyberattack

Hospital technology giant NextGen Healthcare said it is responding to a cyberattack after a notorious ransomware group added the company to its list of victims. The multibillion-dollar healthcare giant produces electronic health record (EHR) software and practice management systems for hundreds of the biggest hospitals and clinics in the U.S., U.K., India and Canada.

 


VULNERABILITIES

Critical ManageEngine RCE bug now exploited to open reverse shells

A critical remote code execution (RCE) vulnerability affecting multiple Zoho ManageEngine products is now being exploited in attacks.

Over 19,000 end-of-life Cisco routers exposed to RCE attacks

Over 19,000 end-of-life Cisco VPN routers on the Internet are exposed to attacks targeting a remote command execution exploit chain.

By chaining two security flaws disclosed last week, threat actors can bypass authentication (CVE-2023-20025) and execute arbitrary commands (CVE-2023-2002) on the underlying operating system of Cisco Small Business RV016, RV042, RV042G and RV082 routers.


MALWARE

Hook: A Banking Malware with RAT Capabilities

Attackers behind the BlackRock and ERMAC banking trojans are offering another malware for rent, named Hook. It is an ERMAC fork that comes with additional capabilities to access saved files and create a remote interactive session.

New CrySIS/Dharma Ransomware Variants Budding like Mushrooms

The CrySIS/Dharma ransomware family continues to evolve with new versions cropping up in the wild. Following the leak of the source code for one variant, several attackers began repurposing and utilizing new versions of the malware. As a result, encountering new variants of this particular ransomware became frequent.

Malicious Apps Masquerade as Government Agencies to Distribute Gigabud RAT

Threat actors are distributing a new Android malware, named Gigabud, impersonating government agencies, financial institutions, and other organizations from Thailand, Peru, and the Philippines. 


                              


GENERAL NEWS

Facebook Introduces New Features for End-to-End Encrypted Messenger App

Meta Platforms on Monday announced that it has started to expand global testing of end-to-end encryption (E2EE) in Messenger chats by default.

WhatsApp fined €5.5 million by Irish DPC for GDPR violation

The Irish Data Protection Commission (DPC) has fined WhatsApp Ireland €5.5 million ($5.95m) after confirming that the messaging service violated the General Data Protection Regulation (GDPR).