Cyware Weekly Threat Intelligence, June 20 - 24, 2022

Weekly Threat Briefing • June 24, 2022
Weekly Threat Briefing • June 24, 2022
Dial 311 for cybersecurity emergencies! The CISA has proposed the idea of launching a hotline number to provide assistance to small and medium-sized businesses in the event of a cybersecurity incident. In another development, President Joe Biden has signed two bipartisan bills that aim at strengthening the government’s cybersecurity posture across the local, state, and federal levels.
A new spyware, which is as dangerous as Pegasus, is being used in the wild to spy on Apple and Android smartphones in Italy and Kazakhstan. The spyware leverages a combination of tactics, including the typical drive-download attack for propagation. Another aggressive campaign from the Conti ransomware group has come under the lens of researchers. The gang hacked over 40 organizations in an attack campaign, codenamed ARMattack, that was launched in 2021.
Operators behind the notorious Emotet trojan never fail to surprise security researchers and as part of their latest work, the attackers have updated the anti-evasion capabilities using Microsoft Excel macros to bypass security checks. In other emerging threats, ICS vendors have been warned about a series of flaws that affect their operation technology devices. Collectively called OT:Icefall, these flaws stem from insecure engineering protocols, weak cryptography or broken authentication schemes, insecure firmware update mechanisms, and native functionality abuse.