This Week in Security News: Banking Malware and Phishing Campaigns

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the banking malware Anubis that has been retooled for use in fresh attack waves. Also, read about a new phishing campaign that uses OneNote audio recordings to fool email recipients.

Read on:

New Miori Variant Uses Unique Protocol to Communicate with C&C

A Mirai variant called Miori recently reappeared, though it has departed from the usual binary-based protocol and instead uses a text-based protocol to communicate with its command-and-control (C&C) server.

Anubis Android Malware Returns with Over 17,000 Samples

The attacker behind the malware Anubis has retooled it, changing its use from cyberespionage to banking malware, combining information theft and ransomware-like routines. Trend Micro recently discovered 17,490 new samples of Anubis on two related servers.  

DevOps Will Fail Unless Security and Developer Teams Communicate Better

According to a Trend Micro survey of IT leaders, DevOps initiatives have become important for 74 percent of organizations over the past year, but communication must improve for DevOps to be successful.

July’s Patch Tuesday Fixes Critical Flaws in Microsoft Edge and Internet Explorer, Including 2 Exploited Vulnerabilities

Microsoft’s July Patch Tuesday release includes updates for almost 80 vulnerabilities, along with two advisories. Other flaws in Azure Automation, Docker, DirectWrite, DirectX, SymCrypt, Windows DNS Server, and Windows GDI have also been resolved.

Nexus Repository Manager Vulnerabilities CVE-2019-9629 and CVE-2019-9630 Could Expose Private Artifacts

Two vulnerabilities were uncovered in Sonatype’s Nexus Repository Manager (NXRM), an open-source governance platform used by DevOps professionals for component management. The vulnerabilities result from the poor configuration of the repository manager’s default settings.

British Airways Faces Record £183m Fine for Data Breach

British Airways is facing a record fine of £183m for last year’s breach of its security systems when details of about 500,000 customers were harvested by attackers through a fraudulent site.

Powload Loads Up on Evasion Techniques

By sifting through six months’ worth of data covering over 50,000 samples from the Trend Micro Smart Protection Network infrastructure, Trend Micro gained insight into how Powload, a cybercrime staple, has incorporated new techniques to increase its effectiveness, especially in its ability to hide from detection.

Microsoft Discovers Fileless Malware Campaign Dropping Astaroth Info Stealer

The Microsoft Defender ATP Research Team released a report covering a malware campaign that dropped the Astaroth trojan into the memory of infected computers by using fileless distribution techniques to hide its activities from security solutions.

New Phishing Campaign Uses OneNote Audio to Lure Users to Fake Microsoft Login Page

In a new phishing campaign reported by Bleeping Computer, audio recordings purportedly shared via OneNote were used as a lure to lead email recipients to a fake Microsoft login page that steals user account credentials.

Zoom Flaw Turns Mac Cam into Spy Cam

A security researcher has found a flaw in the popular video conferencing app Zoom that allows any website to forcibly join a user to a Zoom call, with their video camera activated, without a user’s permission.

New Godlua Backdoor Found Abusing DNS Over HTTPS (DoH) Protocol

A newly discovered backdoor malware dubbed Godlua was discovered conducting DDoS attacks on outdated Linux systems through a vulnerability in the Atlassian Confluence Server.

Where Will Ransomware Go in The Second Half Of 2019?

Based on the latest trends, Trend Micro predicts the threat of ransomware will grow in the second half of 2019 and will continue to shift and change over the coming years.

Migrating Network Protection to the Cloud with Confidence

Trend Micro’s Cloud Network Protection is the first transparent, in-line network security offering for AWS customers: simple to deploy and manage, cloud-ready and leveraging industry leading expertise in network threat protection.

Marriott Faces $123 Million GDPR Fine in the UK for Last Year’s Data Breach

The UK’s Information Commissioner’s Office (ICO) intends to impose a fine of £99,200,396 ($123,705,870) on international hotel chain Marriott for last year’s data breach that impacted 383 million people.

eCh0raix Ransomware Found Targeting QNAP Network-Attached Storage Devices

A newly uncovered ransomware family called eCh0raix, designed for targeted ransomware attacks similar to how Ryuk or LockerGoga were used, is now targeting QNAP network-attached storage (NAS) devices.

Which newly discovered ransomware did you find most interesting this week? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

Read More HERE