Afternoon Dessert - 2022-07-19

Welcome to another Afternoon Dessert breakout:

Russian SVR hackers use Google Drive, Dropbox to evade detection
State-backed hackers who are part of the Russian Federation's Foreign Intelligence Service (SVR) have switched, for the first time, to using legitimate cloud storage services such as Google Drive to evade detection. [...]

Air-gapped systems leak data via SATA cable WiFi antennas
An Israeli security researcher has demonstrated a novel attack against air-gapped systems by leveraging the SATA cables inside computers as a wireless antenna to emanate data via radio signals. [...]

New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals
A new method devised to leak information and jump over air-gaps takes advantage of Serial Advanced Technology Attachment (SATA) or Serial ATA cables as a communication medium, adding to a long list of electromagnetic, magnetic, electric, optical, and acoustic methods already demonstrated to plunder data. "Although air-gap computers have no wireless connectivity, we show that attackers can use

Experts Uncover New CloudMensis Spyware Targeting Apple macOS Users
Cybersecurity researchers have taken the wraps off a previously undocumented spyware targeting the Apple macOS operating system. The malware, codenamed CloudMensis by Slovak cybersecurity firm ESET, is said to exclusively use public cloud storage services such as pCloud, Yandex Disk, and Dropbox for receiving attacker commands and exfiltrating files. "Its capabilities clearly show that the

Security Experts Warn of Two Primary Client-Side Risks Associated with Data Exfiltration and Loss
Two client-side risks dominate the problems with data loss and data exfiltration: improperly placed trackers on websites and web applications and malicious client-side code pulled from third-party repositories like NPM. Client-side security researchers are finding that improperly placed trackers, while not intentionally malicious, are a growing problem and have clear and significant privacy

50k credit cards stolen from 300 U.S. restaurants using skimmers
Payment card details from customers of more than 300 restaurants have been stolen in two web-skimming campaigns targeting three online ordering platforms. [...]

Belgium says Chinese hackers attacked its Ministry of Defense
The Minister for Foreign Affairs of Belgium says multiple Chinese state-backed threat groups targeted the country's defense and interior ministries. [...]

Pegasus Spyware Used to Hack Devices of Pro-Democracy Activists in Thailand
Thai activists involved in the country's pro-democracy protests have had their smartphones infected with NSO Group's infamous Pegasus government-sponsored spyware. At least 30 individuals, spanning activists, academics, lawyers, and NGO workers, are believed to have been targeted between October 2020 and November 2021, many of whom have been previously detained, arrested and imprisoned for their

Google catches Turla hackers deploying Android malware in Ukraine
Google's Threat Analysis Group (TAG), whose primary goal is to defend Google users from state-sponsored attacks, said today that Russian-backed threat groups are still focusing their attacks on Ukrainian organizations. [...]

Popular vehicle GPS tracker gives hackers admin privileges over SMS
Vulnerability researchers have found security issues in a GPS tracker that is advertised as being present in about 1.5 million vehicles in 169 countries. [...]

Malicious Android apps with 300K installs found on Google Play
Cybersecurity researchers have discovered three Android malware families infiltrating the Google Play Store, hiding their malicious payloads inside many seemingly innocuous applications. [...]