Daily Cybersecurity Roundup, September 24, 2020
Cybercriminals often explore indirect ways to infiltrate sensitive targets like government agencies through their services provider and partners. Recently, Tyler Technologies, a software vendor for U.S. states and local governments, became victim of a cyberattack wherein an unknown actor breached its network. In other news, security experts spotted cybercriminals pushing a fake GDPR compliance reminder to obtain employees’ credentials. Without further ado, hop in to learn more about the cybersecurity events from the past 24 hours.
Tyler Technologies observed disruption in its internal network and phone systems, after intrusion by an unknown party.
Researchers uncovered a phishing campaign wherein attackers triggered a fraud GDPR compliance reminder to obtain credentials of executives and people in upper management.
ThreatFabric reported a new strain of Android malware called Alien that can steal credentials from 226 apps including Facebook, Gmail, and Snapchat.
Researchers at Sophos reported a new iPhone 12 scam wherein the attackers sent SMS messages to recipients, posing as a fake Apple 2020 Testing Program, to steal their credentials.
Microsoft and agencies in Italy and the Netherlands released warnings on the rising Emotet activity. Two weeks ago, cybersecurity agencies from France, Japan, and New Zealand also raised an alarm about the trojan.
A Nigerian hacker was sentenced to 36 months in prison in the U.S. for participating in a hacking operation that targeted government employees.
The National Institute of Standards and Technology (NIST) published a cybersecurity practice guide for enterprises to help them develop a strategy for recovering from attacks affecting data integrity.
According to Akamai, video game companies and players were targeted in 152 million web application attacks and 10 billion credential stuffing attacks from July 2018 to June 2020.
Google unveiled Chronicle Detect, a new real-time threat detection tool, to handle complex analytic events and attune a new threat detection language for modern attacks.
CrowdStrike will be acquiring Preempt Security, a provider of Zero Trust and access control technology, in a deal valued at roughly $96 million.