Blacksite’s Intelligence Report – Week of April 25th, 2022
The Blacksite Weekly Intelligence Report
Top Exploited Vulnerabilities Revealed for 2021
Cybersecurity authorities worldwide have released a list of the top 15 vulnerabilities routinely exploited by threat actors during 2021. The list includes attacks on internet-facing systems, including email and virtual private network (VPN) servers, using exploits targeting newly disclosed vulnerabilities. The joint advisory includes mitigation measures that should help decrease the risk associated with the topmost abused flaws. The US, Australian, Canadian, New Zealand, and UK cybersecurity agencies have also identified and revealed 21 additional security vulnerabilities commonly exploited by bad cyber actors in 2021.
More information: https://www.cisa.gov/uscert/ncas/alerts/aa22-117a
Play Store Forces Apps to Disclose Collected Data
Google is rolling out a new Data Safety section on the Play Store, Android’s official app repository, where developers must declare what data their software collects from users of their apps. Developers can begin declaring how collected data is used starting today, with the deadline to complete their submissions being July 20th, 2022. Google has said that developers would provide this information themselves, which Google will not confirm. A similar feature called ‘Privacy Nutrition Labels’ was already introduced by Apple in 2020.
More information: https://android-developers.googleblog.com/2021/05/new-safety-section-in-google-play-will.html
Google AMP Tracking Blocked by Various Browsers
Brave and DuckDuckGo have announced launching features to block Google AMP Tracking technology. Both browsers announced this move around the same time in a bid to enhance users’ privacy against Google tracking. Brave will now redirect users away from AMP pages before the page is even rendered. The tech giant launched this feature in 2015 to accelerate searching activities for mobile users. Google claimed that AMP HTML would allow pages to load quickly on mobile devices. It soon raised concerns for privacy-savvy users as the feature seemingly facilitated user tracking.
More information: https://twitter.com/DuckDuckGo/status/1516534351974092805
Beware of Fake Windows 11 Upgrade Malware
A new malicious campaign is in the wild, targeting Windows users. Posing as a Windows 11 upgrade offer, the fake tool embeds the malware aiming to steal data from target devices. Being new, this malware currently escaped AV detection. Users must remain vigilant and avoid unofficial Windows 11 resources to avoid such threats. The malware stores all the stolen information in the Temp directory, ultimately sending it to the attackers’ C&C server. The attackers have strived to escape detection by checking if the incoming request doesn’t come from a VPN or TOR browser.
More information: https://cloudsek.com/whitepapers_reports/information-stealer-targets-crypto-wallets-via-fake-windows-11-update/
Russian Hackers Look for Money Laundering Alternatives Amid Strict Restrictions
Russian cybercrime community is turning to alternative money-laundering methods due to sanctions on Russia and law enforcement actions against dark web markets. Russian hackers have mostly turned to Chinese payment systems, including Chinese banks and the Union Pay cards system. Darknet coin-mixing and cash-out services are among the few options available. Cybercriminals responded to this situation by adopting a long-term approach and investing in gold or storing their cryptocurrency in cold wallets until conditions change. The situation is unlikely to have an impact on financially motivated threat activity.
More information: https://www.flashpoint-intel.com/blog/russias-ukraine-war-is-complicating-cybercriminal-money-laundering/
Hack DHS Bug Bounty Hunters find 122 Security Vulnerabilities in DHS Systems
The Department of Homeland Security (DHS) has found 122 security vulnerabilities in external DHS systems, 27 of them rated critical severity. The ‘Hack DHS’ bug bounty program was announced in December 2021 and awarded a total of $125,600 to over 450 vetted security researchers and ethical hackers, with rewards of up to $5,000 per bug. The program builds upon the experience of similar efforts across the US federal government (e.g., the ‘Hack the Pentagon’ program) and the private sector.
More information: https://www.dhs.gov/news/2022/04/22/hack-dhs-program-successfully-concludes-first-bug-bounty-program
Cyber Risk Management Doesn’t Have To Be Difficult …
How Blacksite ZTNA Can Help Protect Your Business Against Cyber Threats
The first step in protecting your company against cyber threats is to make sure you have a solid cybersecurity plan. A cybersecurity plan helps you make sure that your company has the proper safeguards in place to protect your business. Expert security company Blacksite can help you with all your cybersecurity needs. At Blacksite we can help your company develop a cybersecurity plan that is tailored to your business needs. Blacksite implements the latest ZTNA technology to keep your business apps, data, and services safe from prying eyes and potential cybersecurity threats that you might experience in the future. Blacksite specializes in providing cybersecurity solutions in data protection, risk management, encryption, cyber security strategy, and cyber security education at an affordable price to accommodate your business whether it’s a small family owned to that of the size of a fortune 500.
More information: https://blacksite.solutions/products
Please contact us and we’ll be glad to assist you.
Become invisible, become secure.