After the headline-grabbing attacks on the energy sector, the aviation industry is now under attack in a new targeted malware campaign as revealed by Microsoft. Amidst the news of the aftermath of the Colonial Pipeline attack, President Joe Biden signed an executive order aimed at strengthening the country's cybersecurity defenses. In other news, a phishing campaign on Twitter was found peeping into the wallets of cryptocurrency users. Continue reading for the top headlines from the cybersecurity space in the past 24 hours.
01
U.S. President Joe Biden signed an executive order to enforce breach notification requirements, create a standardized playbook for responses to cyber incidents, and create an organization that would investigate attacks along the lines of National Transportation Safety Board inquiries.
02
Microsoft uncovered a spearphishing campaign targeting aerospace and travel companies to steal credentials, screenshots, webcam and browser data, and more, using a new malware loader.
03
After claiming to not give in to extortion attempts, Colonial Pipeline paid $5 million in untraceable cryptocurrency to the hackers. The hefty ransom was paid within hours after the attack.
04
Fraudsters are exploiting Telegram groups to hawk fake COVID-19 baccination cards by collecting names and vaccine batch numbers from people who have posted their vax card details on social media.
05
Researchers spotted 167 malicious banking, trading, cryptocurrency, and foreign exchange apps, mimicking trusted and legitimate brands—such as Kraken, Binance, Gemini, Barclays, and TDBank—on Android and iOS platforms.
06
Check Point observed a global surge in ransomware attacks with a 102% spike in the first half of 2021 as compared to 2020. April onward, healthcare and utility sectors remained the most targeted. A new triple extortion tactic was also observed in recent attacks.
07
APT36, also known as Transparent Tribe, was found creating fake domains to impersonate military and defense firms and disseminate malware-laced documents to infect victims with ObliqueRAT and CrimsonRAT.
08
Users of wallet mobile apps Trust Wallet and MetaMask are reportedly facing aggressive Twitter phishing attacks aimed at stealing cryptocurrency funds from wallets.
09
Seattle-based cybersecurity firm NetMotion Software will be acquired by Absolute Software, a Canada-based provider of endpoint resilience solutions, for $340 million.
10
VisibleRisk, a cybersecurity startup that helps enterprises analyze threats from hacking campaigns, raised $25 million in funding led by Moody’s Investor Services and Team8 Labs.
