Logo Logo
  • Home
  • Modshield SB
  • services
    • Application Security Testing
    • IoT Security Testing
    • Infrastructure Security Testing
    • Testing for Compliance
    • Red Team Exercise
    • Performance Testing
  • Training
    • Cybersecurity Awareness Program
    • Cybersecurity For Developers(Web Application)
    • Cybersecurity For Developers(Mobile Application)
  • Resources
    • Blog
    • CyberNews
  • About
    • Partners
    • Contact

Top CyberNews September 2021 – Week 4

  • Home
  • Blog Details
September 28 2021
  • CyberNews

Cyberthreats are getting higher every year. Here are some that will get your attention.

Android Malware Steals Financial Data from 378 Financial Apps

The operators behind the BlackRock mobile malware have surfaced back with a new Android banking trojan called ERMAC that targets Poland and has its roots in the infamous Cerberus malware, according to the latest research.

CyberNews September - Android Malware Steals Financial Data from 378 Financial Apps

“The new trojan already has active distribution campaigns and is targeting 378 banking and wallet apps with overlays,” ThreatFabric’s CEO Cengiz Han Sahin said in an emailed statement. First campaigns involving ERMAC are believed to have begun in late August under the guise of the Google Chrome app.

Since then, the attacks have expanded to include a range of apps such as banking, media players, delivery services, government applications, and antivirus solutions like McAfee.

source: thehackernews.com

New zero-day is being exploited to compromise Macs

Another zero-day in Apple’s software (CVE-2021-30869) is being actively exploited by attackers, forcing the company to push out security updates for macOS Catalina and iOS 12.

CyberNews September 2021 – Week 4 - New zero-day is being exploited to compromise Macs

About CVE-2021-30869
Flagged by researchers Erye Hernandez and Clément Lecigne of Google’s Threat Analysis Group and Ian Beer of Google Project Zero, the vulnerability is a type confusion issue found in XNU, the kernel of Apple’s macOS and iOS operating systems.

As usual, Apple did not share any details about the flaw and said only that it allows a malicious application to execute arbitrary code with kernel privileges.

Another Google TAG threat analyst shared that CVE-2021-30869 is being exploited in conjunction with previously known WebKit vulnerabilities, and said that more details will be released after 30 days.

source: helpnetsecurity.com

2021 has broken the record for zero-day hacking attacks

A zero-day exploit—a way to launch a cyberattack via a previously unknown vulnerability—is just about the most valuable thing a hacker can possess. These exploits can carry price tags north of $1 million on the open market.

CyberNews September 2021 - 2021 has broken the record for zero-day hacking attacks

And this year, cybersecurity defenders have caught the highest number ever, according to multiple databases, researchers, and cybersecurity companies who spoke to MIT Technology Review. At least 66 zero-days have been found in use this year, according to databases such as the 0-day tracking project—almost double the total for 2020, and more than in any other year on record.

But while the record-setting number grabs attention, it can be hard to know what it tells us. Does it mean there are more zero-days being used than ever? Or are defenders better at catching the hackers they would have previously missed?

“An increase is for sure what we’re seeing,” says Eric Doerr, vice president of cloud security at Microsoft. “The interesting question is what does it mean? Is the sky falling? I’m in the camp of ‘Well, it’s nuanced.’”

source: technologyreview.com

Previous Post Next Post

Leave a Comment

Recent Posts

  • SOC 2 Compliance – Complete Guide
  • What is compliance and why do you need it?
  • OWASP WAF – Web Application Firewall
  • Top Cyber News April Week 3
  • Top Cyber News April Week 2

Recent Comments

  1. Vishnu on IEC 62443 – Cybersecurity for Industrial Automation and Control Systems

Archives

  • July 2022
  • June 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • June 2020

Categories

  • Blog
  • CyberNews
© Copyright 2020. Anada WordPres Theme By WordPressRiver