15 February 2021 Weekly Newsletter


Android Devices Hunted by LodaRAT Windows Malware


LATEST CYBER HACKS

 

Singapore Telecom Firm Singtel Discloses Breach Potentially Impacting Customer Data

Singtel says it is investigating the impact of a cybersecurity breach that may have compromised customer data, after it ascertained on February 9 that "files were taken". The attack affected a file-sharing system developed two decades ago by third-party vendor Accellion, which the Singapore telco had used internally and with external stakeholders.

 

Web hosting provider shuts down after cyberattack

According to a message posted on its official site, the company was breached on Monday, February 8. The hacker appears to have "compromised" the company's entire operation, including its official website, admin section, and customer database.


VULNERABILITIES

 

A Windows Defender Vulnerability Lurked Undetected for 12 Years

The flaw, discovered by researchers at the security firm SentinelOne, showed up in a driver that Windows Defender—renamed Microsoft Defender last year—uses to delete the invasive files and infrastructure that malware can create. When the driver removes a malicious file, it replaces it with a new, benign one as a sort of placeholder during remediation. But the researchers discovered that the system doesn't specifically verify that new file. As a result, an attacker could insert strategic system links that direct the driver to overwrite the wrong file or even run malicious code. 


 

PayPal fixes reflected XSS vulnerability in user wallet currency converter

First disclosed on February 19, 2020, by a bug bounty hunter who goes by the name "Cr33pb0y" on HackerOne, the vulnerability is described as a "reflected XSS and CSP bypass" issue.

 

 


 

Microsoft Issues Patches for In-the-Wild 0-day and 55 Other Windows Bugs

The most critical of the flaws is a Windows Win32k privilege escalation vulnerability (CVE-2021-1732, CVSS score 7.8) that allows attackers with access to a target system to run malicious code with elevated permissions. Microsoft credited JinQuan, MaDongZe, TuXiaoYi, and LiHao of DBAPPSecurity for discovering and reporting the vulnerability.


 

This old security vulnerability left millions of Internet of Things devices vulnerable to attacks

Vulnerabilities in the communications protocols used by millions of Internet of Things (IoT) and operational technology (OT) devices could allow cyber attackers to intercept and manipulate data.


MALWARE

 

2016 Facebook malware campaign resurfaces, India top victim

New Delhi: A 2016 Facebook malware campaign, known to use a combination of a Windows trojan, browser injections, clever scripting and a bug in the social network's platform, has resurfaced in India, targeting millions of users, a new report warned on Monday.


 

Malicious extension abuses Chrome sync to steal users’ data

The Google Chrome Sync feature can be abused by threat actors to harvest information from compromised computers using maliciously-crafted Chrome browser extensions.


 

Android Barcode Scanner With 10 Million Downloads Turns Malicious after an Update

Users had the Barcode Scanner App installed on their devices for long periods. After an update during December, Barcode Scanner had gone from an innocent scanner to full-on malware!


GENERAL NEWS

 

Researchers identify 223 vulnerabilities used in recent ransomware attacks

Ransomware is getting worse. Cybersecurity analysts have been screaming this sentiment from the rooftops for years, but now new research examining the expanding landscape of software vulnerabilities leveraged in ransomware attacks offers up some hard numbers that put the depth of this problem into context.


 

New research reveals who’s targeted by email attacks

Every day, Google stops more than 100 million harmful emails from reaching Gmail users. Last year, during the peak of the pandemic crisis, it saw 18 million daily malware and phishing emails related to COVID-19.

COMM-CIRT

Botswana Communications Regulatory Authority

Private Bag 00495, Gaborone, Botswana

+2673929961

Disclaimer: This information was gathered from multiple trusted feeds and was not created by COMM-CIRT.