Lunch Time Nibbles - 2022-09-23

Welcome to another Lunch Time breakout:

Fake Indian Banking Rewards Apps Targeting Android Users with Info-stealing Malware
An SMS-based phishing campaign is targeting customers of Indian banks with information-stealing malware that masquerades as a rewards application. The Microsoft 365 Defender Research Team said that the messages contain links that redirect users to a sketchy website that triggers the download of the fake banking rewards app for ICICI Bank. "The malware's RAT capabilities allow the attacker to

Hackers Using Malicious OAuth Apps to Take Over Email Servers
Microsoft on Thursday warned of a consumer-facing attack that made use of rogue OAuth applications on compromised cloud tenants to ultimately seize control of Exchange servers and spread spam. "The threat actor launched credential stuffing attacks against high-risk accounts that didn't have multi-factor authentication (MFA) enabled and leveraged the unsecured administrator accounts to gain

CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution," the agency

Firing Your Entire Cybersecurity Team? Are You Sure?
What on earth were they thinking? That's what we – and other security experts – were wondering when content giant Patreon recently dismissed its entire internal cybersecurity team in exchange for outsourced services. Of course, we don't know the true motivations for this move. But, as outsiders looking in, we can guess the cybersecurity implications of the decision would be inescapable for any

Void Balaur Hackers-for-Hire Targeting Russian Businesses and Politics Entities
A hack-for-hire group that was first exposed in 2019 has expanded its focus to set its sights on entities with business or political ties to Russia. Dubbed Void Balaur, the cyber mercenary collective has a history of launching cyberattacks against biotechnology and telecom companies since 2015. As many as 3,500 victims have been reported as of November 2021. "Void Balaur [...] primarily dabbles

Multi-million dollar credit card fraud operation uncovered
A massive operation that has reportedly siphoned millions of USD from credit cards since its launch in 2019 has been exposed and is considered responsible for losses for tens of thousands of victims. [...]

Microsoft shares workarounds for Windows Group Policy issues
Microsoft has acknowledged a known issue where copying files/shortcuts using Group Policy Preferences on Windows client devices might not work as expected after installing recent Windows cumulative updates released during this month's Patch Tuesday. [...]

This image contains its own MD5 checksum — and it's kind of a big deal
Generating checksums (cryptographic hashes produced by functions such as MD5 or SHA-256) for files is hardly anything new and is one of the most efficient means to ascertain the integrity of a file, or to check if two files are identical. But a researcher has generated an image that visibly contains its own MD5 hash. [...]

Train to become an ethical hacker with this $35 course deal
The point is, if you want to advance your career in IT and get a better handle on cyber threat mitigation, then The 2023 Complete Cyber Security Ethical Hacking Certification Bundle is a great place to start. It's convenient, it's fun, and since it's on sale, it's very easy to afford. [...]