Cory Vollbrecht
August 7, 2023

Threat Report 07.08.23

Top Routinely Exploited Vulnerabilities in 2022

In a joint effort to address the growing concerns of cyber threats, the U.S. and international partners have issued a significant Cybersecurity Advisory.

The "2022 Top Routinely Exploited Vulnerabilities" advisory sheds light on the persistent exploitation of known software vulnerabilities. 

These vulnerabilities have been a prime target for malicious cyber actors, who continue to exploit unpatched systems and applications.

The advisory reveals that despite the passage of time, certain vulnerabilities dating back more than five years remain exploitable. 

These vulnerabilities pose a significant risk to organisations, potentially leading to data breaches and other cyber incidents.

The advisory provides a comprehensive list of the top Common Vulnerabilities and Exposures that have been consistently targeted by malicious actors. 

These vulnerabilities span from 2017 to 2022 and remain unmitigated.

In light of these persistent threats, the advisory emphasises the importance of implementing recommended mitigations. 

Organisations are strongly urged to prioritise vulnerability scanning and timely patching of vulnerable software to enhance their cybersecurity defences.

With cyber threats evolving at an alarming rate, this joint effort between cybersecurity agencies and international partners serves as a crucial step toward safeguarding digital landscapes from malicious activities.

Sophisticated Facebook Phishing Campaign Exploiting Zero-Day Flaw

Cybersecurity experts have uncovered a highly sophisticated phishing campaign targeting unsuspecting individuals on Facebook. 

The campaign takes advantage of a previously unknown vulnerability in Salesforce's email services, enabling cyber threat actors to orchestrate targeted phishing attacks using legitimate domains and infrastructure.

The attackers send fraudulent email messages masquerading as official communications from Meta, the parent company of Facebook, while utilising email addresses with the "@salesforce.com" domain. 

These phishing emails aim to deceive recipients into clicking on a link by falsely claiming that their Facebook accounts are under investigation for suspected impersonation.

The ultimate goal of this scheme is to lead victims to a deceptive landing page, designed to capture their account credentials and two-factor authentication codes.

Researchers emphasised the severity of this attack, stating that it can potentially target not only individuals but also Salesforce customers directly. 

This incident comes amidst a rising tide of phishing activity, with cybercriminals employing various tactics to evade security measures. 

As cybersecurity experts continue to grapple with these evolving threats, one thing remains clear: the exploitation of legitimate services for malicious activities remains a significant concern.

Threat Actors Exploit Versioning Technique to Target Android Users

A new and concerning trend has emerged in the world of Android malware. Threat actors are increasingly utilising a technique known as versioning to bypass Google Play Store's malware detection and pose a serious threat to Android users.

According to the Google Cybersecurity Action Team, this technique, highlighted in August 2023, is not only sneaky but also challenging to detect. 

In versioning attacks, developers release an app on the Play Store that initially passes Google's pre-publication checks. However, at a later stage, a malicious component is introduced through an update.

Earlier this year, cybersecurity firm ESET uncovered a case involving a screen recording app named "iRecorder - Screen Recorder." 

The app remained innocuous for almost a year before malicious changes were made to covertly spy on its users.

Another instance is the notorious SharkBot, which repeatedly infiltrated the Play Store disguised as security and utility apps. 

This financial trojan executes unauthorised money transfers using the Automated Transfer Service protocol.

In response to these emerging threats, cybersecurity experts emphasise the need for defence-in-depth principles. 

For instance, it is crucial to limit app installation sources to trusted platforms like Google Play or to manage corporate devices via mobile device management (MDM) platforms.

To mitigate potential risks, Android users are advised to stick to trusted sources for downloading apps and to activate Google Play Protect. This feature helps users receive notifications when a potentially harmful app is detected on their devices.
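The versioning pattern described above (a clean first release, then a malicious component slipped in through an update) can be caught on the defender's side by diffing what each app version declares before an update is approved for corporate devices. The following is an added example, not code from Google, ESET or this report; it compares two constructed AndroidManifest.xml samples and flags newly requested permissions, a constructed high-risk watch-list subset, and newly declared components.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Permissions whose sudden appearance in an update deserves a manual review
# (a constructed watch-list for this example, not an official one).
HIGH_RISK_PERMS = {"android.permission.RECORD_AUDIO", "android.permission.READ_SMS",
                   "android.permission.BIND_ACCESSIBILITY_SERVICE"}

def _permissions(manifest_xml):
    root = ET.fromstring(manifest_xml)
    return {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}

def _components(manifest_xml):
    root = ET.fromstring(manifest_xml)
    return {(tag, el.get(ANDROID_NS + "name"))
            for tag in ("activity", "service", "receiver") for el in root.iter(tag)}

def diff_manifests(old_xml, new_xml):
    """Report what an update added: permissions, the high-risk subset, components."""
    new_perms = _permissions(new_xml) - _permissions(old_xml)
    new_comps = _components(new_xml) - _components(old_xml)
    return {"new_permissions": sorted(new_perms),
            "high_risk": sorted(new_perms & HIGH_RISK_PERMS),
            "new_components": sorted(new_comps)}

# Constructed sample manifests: a benign first release and an update that
# quietly adds audio capture plus a background service.
V1 = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application><activity android:name=".MainActivity"/></application>
</manifest>"""
V2 = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <application>
    <activity android:name=".MainActivity"/>
    <service android:name=".SyncService"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    print(diff_manifests(V1, V2))
```

A non-empty "high_risk" or "new_components" list is a signal to hold the update for review in an MDM pipeline rather than proof of malice; many legitimate updates add features too.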
