ARTICLES & INSIGHTS

The Week In Review 19/04 – 23/04

It probably comes as no surprise to hear that 2020 broke all sorts of records for all of the wrong reasons when it came to cyber security. 514 new malware variants were deployed, with 81% of these being privately developed and deployed. Worryingly, there are 1,900 hacker groups in existence comprised of APT’s, financially motivated actors, and uncategorized groups, this significant rise in the number of threat actors correlates with the sharp rise in cyber incidents globally. Another staggering fact that came to light was that more than 1 in 2 Indian adults fell victim to a hack within the last 12 months. This news comes some months after the Indian Government announced their Cyber education initiative to better equip its citizens to be able to identify and avoid cyber threats online. The latest figures support the data suggesting that active cyber criminal groups are at an all time high and continue to grow.

In recent weeks Facebook, WhatsApp and Android have been covered in the media for their various product and platform security flaws, this week Apple makes the headlines. A research team has uncovered a concerning array of privacy weaknesses with the “AirDrop” file sharing service on Apple’s products, which Apple have yet to address. The vulnerability itself means that senders of these files are at risk of sharing their contact details in a way that they can be obtained in an unencrypted state. The chances of them occurring to a user is, admittedly, slim but pose a concerning vulnerability should Apple not look to appropriately remediate it as is being claimed. Similarly, Telegram, who has also featured in our round-ups for several vulnerabilities makes yet another appearance. This time around, the messenger app has been found to be used by cyber criminals as a “command-and-control” system, abusing the messenger app to facilitate their malicious activities. Security firm CheckPoint have detected no less than 130 remote access trojan attacks named “ToxicEye” being delivered in this method. Due to the nature of Telegram, the attackers are able to remain totally anonymous and deploy these attacks from infected devices across the globe.

How effectively would your organisation respond to a real life cyber attack? Find out with Dionach’s Red Team Engagement designed to simulate a real cyber attack from your most likely threat actors. 

Read about all of this and more below:

US takes steps to protect electric system from cyberattacks
(securityweek.com)

Russian hacking group targets Ukranian officials
(cyberscoop.com)

1 in 2 Indian adults fell victim to cyber crime in the last year
(indiatimes.com)

Cyber criminals use telegram to control ToxicEye malware
(thehackernews.com)

Apple AirDrop vulnerability uncovered
(theregister.com)

SolarWinds hack analysis reveals a 56% boost in command server footprint
(zdnet.com)

Record number of cyber criminal groups active
(cyware.com)