22 February 2021 Weekly Newsletter

BOCRA website




Mac Malware Targets Apple’s In-House M1 Processor

                                                     LATEST CYBER HACKS 




Largest commercial bank in Ukraine has 40 million user records sold online

According to the post author, the database for sale contains 40 million entries. PrivatBank denies that the data is from their bank.


Yandex Data Breach Exposes 4K+ Email Accounts

In a security notice, Yandex said an employee had been providing unauthorized access to users’ email accounts “for personal gain.”





Hackers abuse Google Apps Script to steal credit cards, bypass CSP

Attackers are abusing Google's Apps Script business application development platform to steal credit card information submitted by customers of e-commerce websites while shopping online.



Exploit Details Emerge for Unpatched Microsoft Bug

A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes.



SDK Bug Lets Attackers Spy on User’s Video Calls Across Dating, Healthcare Apps

A vulnerability in an SDK that allows users to make video calls in apps like eHarmony, Plenty of Fish, MeetMe and Skout allows threat actors to spy on private calls without the user knowing.



Security bugs left unpatched in Android app with one billion downloads

Attackers can exploit SHAREit permissions to execute malicious code through vulnerabilities that remain unpatched three months after app makers were informed.





Masslogger Swipes Microsoft Outlook, Google Chrome Credentials

A new version of the Masslogger trojan has been targeting Windows users – now using a compiled HTML (CHM) file format to start the infection chain.



Windows, Linux Devices Hijacked In Two-Year Cryptojacking Campaign

The WatchDog malware has flown under the radar for two years in what researchers call one of the ‘largest’ Monero cryptojacking attacks ever.

                               GENERAL NEWS




Microsoft Edge is getting a new child-friendly Kids Mode

Microsoft is adding a new 'Kids Mode' to the Microsoft Edge browser that provides a safe environment for children to browse the web and consume family-friendly content.



Windows 10 Secure Boot update triggers BitLocker key recovery

Microsoft has acknowledged an issue affecting Windows 10 customers who have installed the KB4535680 security update that addresses a security feature bypass vulnerability in Secure Boot.


Botswana Communications Regulatory Authority

Private Bag 00495, Gaborone, Botswana


Disclaimer: This information was gathered from multi-trusted feeds and it is not created by COMM-CIRT