Weekly Recap July 22 2022
Table of Contents
- By Steven
- Jul 22, 2022
People once thought that water was the new oil, as the availability of fresh, potable water was starting to dwindle while the population continued to soar. People now say that data is the new oil.
Safeguarding data is just as important as collecting and analyzing it. The challenge lies in preventing evildoers on the web from illegally accessing, stealing, and selling your personal data or that of your customers. If you haven't updated your digital security protections in recent years, now is the time to do so. Here's a quick recap of this week's digital security breaches of note.
CloudMensis, a form of spyware, remained hidden until recently. No one is sure how long it hid, with best estimates being at least a year, possibly several. CloudMensis primarily zeroes in on Apple computers though there is the potential for computers with Intel architecture to also be targeted. The spyware steals valuable information, performs document exfiltration, obtains screen captures, and even records the computer user's keystrokes.
Google Eliminates Android Apps Laden With Malware
Google has deleted eight apps containing malware. After three million aggregate downloads, Google removed the Android apps from the online store. Suppose you have the Razer keyboard & Theme, the Gif Emoji Keyboard, the Vlog Star Video Editor, the Wow Beauty Camera, the Coco Camera, or the Funny Camera. In that case, your computing device might be laden with the threat, dubbed Autolycos.
Each of the apps is laden with Joker Spyware. Joker is a form of malware that replicates itself within apps, subscribing the compromised party's computer to costly services. Joker even gains access to text messages to boot.
Page Builder Plugin Exploitation
Cyber security professionals with Wordfence are warning computer users of the spike in web-based attacks that manipulate vulnerabilities in WordPress plugins. The addon in question is the Kaswara Modern WPBakery Page Builder. The worst-case outcome is a shifting of control of the WordPress website from the site owner/operator to the hacker. Researchers identified the bug last spring, but its effects have not been entirely resolved as of this publication.
Phishing Sidesteps MFA to Access Email
Microsoft officials have admitted hackers are successfully attacking thousands of organizations with a phishing scheme that overcomes MFA to obtain access to business email clients. The campaign sidesteps multifactor authentication to access messages in email inboxes and ultimately conduct illegal activity. The fraud centers on accessing the payment information of corporate vendors.
All in all, thousands of organizations have been hit by the campaign in less than a year. Aside from adding multifactor authentication, businesses are advised to bolster their digital safeguards and provide ongoing digital security training that helps team members identify phishing scams and other online threats.