The Blacksite Weekly Intelligence Report:
Week of October 31st, 2022
Samsung Galaxy Exploit Allows Targeted Remote Installation of Malware
Hackers Selling Access to Hundreds of Corporate Networks for Millions
Israeli cyber-intelligence firm KELA published its Q3 2022 ransomware report, reflecting stable activity in the sector of initial access sales but a steep rise in the value of the offerings. The average selling price of these listings was $2,800, while the median selling price reached a record figure of $1,350. The average time to sell corporate access was just 1.6 days, and most listings were for RDP and VPN access. The most targeted country was the United States, accounting for 30.4% of all initial access broker (IAB) offerings.
Chinese Hackers Using LODEINFO Malware Against Japanese Government and Officials
The Chinese state-sponsored threat actor Stone Panda has been observed employing a new stealthy infection chain in its attacks aimed at Japanese entities. The latest set of attacks involves the use of a bogus Microsoft Word file and a self-extracting archive (SFX) file in RAR format propagated via spear-phishing emails. The group has also been linked to attacks using malware families like SigLoader, SodaMaster, and a web shell called Jackpot against multiple Japanese domestic organizations since April 2021.
More information: https://securelist.com/apt10-tracking-down-lodeinfo-2022-part-i/107742/
Dropbox Breach Allowed Hackers to Access 130 Unauthorized Source Code Repositories
Dropbox says it was the victim of a phishing campaign that allowed unidentified threat actors to gain unauthorized access to 130 of its source code repositories on GitHub. The breach resulted in the access of API keys used by Dropbox developers as well as “a few thousand names and email addresses belonging to Dropbox employees, current and past customers, sales leads, and vendors”. The company did not reveal how many of its employees fell for the phishing attack, but said it took prompt action to rotate all exposed developer credentials.
U.S. Government Employees Experience Mobile Malware Attacks Due to Outdated Phones
Almost half of Android-based mobile phones used by U.S. state and local government employees are running outdated versions of the operating system, exposing them to hundreds of vulnerabilities that can be leveraged for attacks. The statistics come from a report by cybersecurity firm Lookout, based on an analysis of 200 million devices and 175 million applications from 2021 to 2022. The report additionally warns of a rise in all threat metrics, including reliance on unmanaged mobile devices, and liability points in mission-critical networks.
More information: https://www.lookout.com/form/threats-government-threat-report-lp
Hundreds of U.S News Sites Push Malware to Visitors
More information: https://twitter.com/threatinsight/status/1587865920130752515
How Blacksite ZTNA Can Help Protect Your Business Against Cyber Threats
The first step in protecting your company against cyber threats is to make sure you have a solid cybersecurity plan. A cybersecurity plan helps you make sure that your company has the proper safeguards in place to protect your business. Expert security company Blacksite can help you with all your cybersecurity needs. At Blacksite, we can help your company develop a cybersecurity plan that is tailored to your business needs. Blacksite implements the latest ZTNA technology to keep your business apps, data, and services safe from prying eyes and potential cybersecurity threats that you might experience in the future. Blacksite specializes in providing cybersecurity solutions in data protection, risk management, encryption, cyber security strategy, and cyber security education at an affordable price to accommodate your business, whether it is a small family-owned business or a Fortune 500 company.
More information: https://blacksite.solutions/products
Please contact us and we’ll be glad to assist you.
Become invisible, become secure.