Cybercriminals are getting creative with Google services. In latest research, experts have uncovered that attackers are taking advantage of Google Forms, FireBase, Google Docs, and Google Sites to sneak past defensive tools and steal sensitive information.
A new attack method that turns smart home equipment against users has been uncovered by researchers. Termed as LidarPhone, the attack relies on the built-in LiDAR laser-based navigational component in the vacuum cleaner to snoop on users’ conversations and their private data.
Apart from these, there is also a major update on QBot’s malicious activity. The trojan has dropped ProLock ransomware and opted for Egregor ransomware as part of its latest attack campaigns.
Top Breaches Reported in the Last 24 Hours
Vulnerable Go SMS Pro exposes data
Go SMS Pro has exposed audio, video, and photo messages of millions of its users due to a flaw in its app. The issue exists in the functionality that allows users to send private media to other people even if they do not have the GO SMS Pro application installed on their devices. The app has over 100 million downloads to date.
Researchers learned that both U.S. and European banks were experiencing a spike in e-commerce fraud linked to China-based sites. These domains were used to steal payment card data from unwitting shoppers and then, sell the data across various dark web marketplaces.
Oregon County affected
Oregon’s Jackson County is dealing with an outage on its website that occurred due to a ransomware attack on Managed.com. The attack occurred early this week.
Top Malware Reported in the Last 24 Hours
QBot adds a new partner
The QBot trojan has dropped the ProLock ransomware and partnered with Egregor ransomware as part of its latest attack campaigns. These campaigns are carried out through phishing emails containing malicious Excel documents pretending to be DocSign documents.
Mount Locker ransomware
Mount Locker ransomware has shifted its focus to users filing tax returns through TurboTax. The stolen data and encrypted files in this case are then used in a double extortion scheme where victims are warned that their files will be published on a data leak site if a ransom is not paid.
Top Vulnerabilities Reported in the Last 24 Hours
VMware patches six flaws
VMware has patched a total of six vulnerabilities in its SD-WAN Orchestrator product. These flaws can allow attackers to steer traffic or shut down the enterprise network. The flaws are related to SQL injection bugs, remote code execution, and default passwords.
Researchers demonstrated a new attack method called LidarPhone that converts vacuum cleaners to microphones. The attack works by leveraging the built-in LiDAR laser-based navigational component in the vacuum cleaner.
Top Scams Reported in the Last 24 Hours
New ways of phishing
Researchers have found that cybercriminals are using free Google services such as Google Forms, Google Sites, Firebase, and Google mobile platform for app development to launch a variety of phishing attacks. These services enable attackers to evade detection by security software while carrying out their malicious intentions. It is advised that employees and users should use MFA and learn to spot phishing emails to stay safe.