The Week In Review 22/02 – 26/02

Recently, there has been a large increase in attacks targeting vital organisations or governmental structures, with attackers using recent news events to deceive their targets.

Critical national infrastructure is, as always, a target of state-sponsored attacks. One recent example is the ThreatNeedle malware from the North Korean Lazarus Group, which targets defense firms with COVID-themed emails containing a malicious attachment.

Last week you might have seen news about a small town in Florida that had its drinking water poisoned after a hacker accessed the water company's server and increased the dosage of sodium hydroxide. Meanwhile, Austin Energy customers, hit by a ferocious storm a few days earlier and already fearing an electricity cut, were targeted by a scam in which imposters threatened to cut off their power.

Unsurprisingly, cryptocurrencies are, as always, the target of enormous crypto-mining botnets. One of the latest big stories concerns Watchdog. This malware has been running stealthily for more than two years and is now hard to stop. For now its purpose is cryptojacking, but researchers have shown a risk of a larger impact in the future: because Watchdog is installed on compromised cloud systems, attackers could use it to find identity and access management (IAM) data.

Web attacks changed throughout 2020, and some reports show a changing top 10 of hacking techniques. SQL injection and XXE vulnerabilities are slowly becoming obsolete, and we might see them less in the future. Conversely, we see more and more variations of previously known vulnerabilities being re-used as new exploits. One example is H2C smuggling, which took first place in this new top 10. The purpose of HTTP/2 cleartext (h2c) smuggling is to create a tunnel from the front end to the back end, allowing attackers to bypass the front-end protocols. As a result, attackers could perform actions as if they were on the back-end side of the application.
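As an added example (not taken from the reports linked on this page): an h2c upgrade is requested with the `Upgrade: h2c` and `HTTP2-Settings` headers defined in RFC 7540, so a front end that does not offer h2c can flag such requests and forward them without those headers, while leaving other upgrades such as WebSocket intact. The sample requests and the `app.example` host are constructed.

```python
# Added example; the sample requests below are constructed for illustration.

def parse_head(raw: bytes):
    """Split a raw HTTP/1.1 request head into (request_line, [(name, value)])."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return lines[0], headers

def tokens(headers, name):
    """Comma-separated tokens from every header called `name` (lower-case)."""
    return [t.strip() for n, v in headers if n.lower() == name
            for t in v.split(",") if t.strip()]

def is_h2c_upgrade(headers) -> bool:
    """True if the client asks to switch this connection to cleartext HTTP/2."""
    return ("h2c" in (t.lower() for t in tokens(headers, "upgrade"))
            or any(n.lower() == "http2-settings" for n, _ in headers))

def strip_h2c(headers):
    """Headers as an edge proxy that does not offer h2c should forward them."""
    upgrades = [t for t in tokens(headers, "upgrade") if t.lower() != "h2c"]
    # If no other upgrade remains, the "Upgrade" connection option goes too.
    drop = {"http2-settings"} | (set() if upgrades else {"upgrade"})
    conn = [t for t in tokens(headers, "connection") if t.lower() not in drop]
    kept = [(n, v) for n, v in headers
            if n.lower() not in ("upgrade", "connection", "http2-settings")]
    if upgrades:
        kept.append(("Upgrade", ", ".join(upgrades)))
    if conn:
        kept.append(("Connection", ", ".join(conn)))
    return kept

H2C_REQUEST = (b"GET / HTTP/1.1\r\nHost: app.example\r\n"
               b"Connection: Upgrade, HTTP2-Settings\r\nUpgrade: h2c\r\n"
               b"HTTP2-Settings: AAMAAABkAARAAAAAAAIAAAAA\r\n\r\n")
WEBSOCKET_REQUEST = (b"GET /chat HTTP/1.1\r\nHost: app.example\r\n"
                     b"Connection: Upgrade\r\nUpgrade: websocket\r\n\r\n")

if __name__ == "__main__":
    for raw in (H2C_REQUEST, WEBSOCKET_REQUEST):
        line, hdrs = parse_head(raw)
        print(line, "| h2c upgrade:", is_h2c_upgrade(hdrs),
              "| forward:", strip_h2c(hdrs))
```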

Read about all of this and more below:

Hackers try to poison Florida citizens through Cyber Attack.

(cybersecurity-insiders.com)

Texas electric company warns of scammers threatening to cut power.

(bleepingcomputer.com)

Windows, Linux Devices Hijacked In Two-Year Cryptojacking Campaign. 

(threatpost.com)

H2C smuggling named top web hacking technique of 2020.

(portswigger.net)

Top 10 web hacking techniques of 2020.

(portswigger.net)

North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware

(thehackernews.com)