Internet Security Week

Internet Safety Week – Issue 147

December 19, 2022

3 minutes reading

In the 147th edition of Internet Security Week , Uber suffers a new data leak, fake ransomware, malware using Microsoft certificate, a new Google tool that searches for vulnerabilities in open source software and much more.

News

Phishing attack uses Facebook posts to bypass email security

A new phishing campaign uses Facebook posts as part of its attack chain to trick users into providing their account credentials and personally identifiable information.

By Bill Toulas at Bleeping Computer

Uber suffers new leak involving employee data

The information was published this weekend on a cybercriminal forum on the surface web and includes reports, financial data, details of the Information Technology (IT) infrastructure and even records of destroyed documents and source codes related to the transport application and also to Uber Eats, a delivery service.

By Felipe Demartini on Canaltech

Over 85% of attacks are hidden behind encrypted channels

The vast majority of cyberattacks last year used TLS/SSL (Transport Layer Security/Secure Sockets Layer) encryption to hide from security systems and teams, according to a new report from Zscaler. The cybersecurity vendor analyzed 24 billion threats blocked between October 2021 and September of this year to compile its new report, titled "State of Encrypted Attacks 2022."

In CISO Advisor

CryWiper: the fake ransomware

The new CryWiper malware irreversibly corrupts files posing as ransomware. At first glance, this malware looks like ransomware: it modifies files, adds an additional extension, and saves a README.txt file with a ransom note containing the Bitcoin wallet address, the malware creators' contact email address, and the infection ID.

In Kaspersky Daily

Infinite Mint Attack: What It Is and How It Can Affect a Token's Value

This type of attack occurs when cybercriminals manage to compromise the blockchain, exploiting vulnerabilities that allow them to mint a large number of tokens in order to cause a drop in the price of the affected crypto asset.

In We Live Security

Hackers leak personal information allegedly stolen from 5.7 million Gemini users

Crypto exchange Gemini announced this week that customers were targeted by phishing campaigns after a threat actor collected their personal information from a third-party vendor.

By Ionut Ilascu in Bleeping Computer

Data from 623,000 patients at the second-largest hospital chain in the US is exposed.

The data of 623,000 patients and caregivers who passed through the American hospital and healthcare network CommonSpiritHealth was accessed by cybercriminals. The exposure stems from an attack recorded in October of this year, which also caused interruptions in electronic services and outages in the technology systems of hundreds of facilities within the network.

By Felipe Demartini on Canaltech

Malware hides using Microsoft certificate

A report has been published claiming that malicious code has been found in drivers signed with legitimate Microsoft-issued digital certificates. The discovery stemmed from an attempted ransomware attack in which cybercriminals used a driver with a Windows Hardware Compatibility Publisher certificate.

In CISO Advisor

The antidote to operational technology conservatism

All the information about protecting and updating your OT infrastructure, with a general summary of why your antivirus might be “dead”.

By Eugene Kaspersky in Kaspersky Daily

Fantasy: Agrius Group's New Wiper Spread in Supply Chain Attack

The ESET research team analyzed a supply chain attack that leveraged Israeli software to deploy Fantasy, a wiper-type malware that targeted, among other victims, the diamond industry.

By Adam Burgher in We Live Security