This Week in Security News – July 16, 2021 VP, Threat Intelligence

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about the underground exploit market and how organizations can protect their systems against N-day vulnerabilities being bought and sold in the underground. Also, read how scammers are falsely promising social media verification for money or personal information.

Read on:

Trends and Shifts in the Underground N-Day Exploit Market

The cybercriminal underground hosts a vast market of zero-day and N-day exploits, where the price for an exploit is often dictated by how long it has been out and whether a patch for the exploited vulnerability is available. Over the past two years, Trend Micro scoured underground forums for N-day exploits to determine how long they stayed in the market and examined their life cycle to see whether malicious actors strictly favored newer exploits or also had uses for older ones.

Scams Make Getting Verified on Instagram, Facebook, Twitter a Minefield

Almost every major platform offers verification in some form. Originally intended to authenticate accounts deemed to be of public interest, the badges have morphed into status symbols that give social media users bragging rights. That’s provided ample opportunity for scammers, who manipulate aspiring but unsuspecting users pursuing careers as influencers or creators. Scammers and hackers try to lure social media users who want to get verified into handing over their personal information.

Main Considerations for Securing Enterprise 5G Networks

5G brings countless benefits to enterprises through its scalability, speed and connectivity. However, these very same features might amplify the damage caused by threats if malicious actors infiltrate 5G systems. Security should be a prime concern for enterprises that use 5G networks. In this blog, learn more about the pressing security considerations for enterprise 5G networks.

Malware Exploits Live Stream App

Newly uncovered malware dubbed “BioPass” is targeting Chinese online gambling companies to capture private data from their clients, Trend Micro says. The malware exploits popular livestreaming and video recording app Open Broadcaster Software Studio to steal victims’ web browser and instant messaging data, which can potentially be used for further exploitation.

Tesla “Recalls” Vehicles in China due to Safety Glitch

China had Tesla recall more than 200,000 of its Model 3 and Model Y cars because of a software glitch that could enable passengers to accidentally activate autopilot. However, the recall is not traditional—customers won’t have to return their purchased Teslas for a refund or upgrade, instead the glitch will be patched remotely through an update free of charge. This blog further explores the potential security risks of connected cars.

Ransomware: Only Half of Organizations Can Effectively Defend Against Attacks, Warns Report

According to a new report from Trend Micro, organizations are failing to notice suspicious activity that could indicate a ransomware attack – but there are ways to improve your defenses. For example, the report warns that many organizations struggle with detecting the suspicious activity associated with ransomware and attacks that could provide early evidence that cyber criminals have compromised the network.

With 5G Coming, It’s Time to Plug Security Gaps

Businesses primarily choose private networks to exercise greater control—enabling them to lower traffic latency while enhancing availability, security, privacy and compliance. In this context, security will be an increasingly important differentiator for operators. With 5G introducing new risks, many are finding they don’t have the visibility, tooling or resources to manage such networks securely. A new report from Trend Micro and GSMA Intelligence highlights many of these challenges.

SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack

SolarWinds has issued a hotfix for a zero-day remote code execution (RCE) vulnerability already under active, yet limited, attack on some of the company’s customers. SolarWinds does not currently know many customers may be directly affected by the flaw, nor has it identified the ones who were targeted. The company is recommending that all customers using the affected products update now, which can be done by accessing the company’s customer portal.

July Patch Tuesday: DNS Server, Exchange Server Vulnerabilities Cause Problems

After two relatively quiet months, July has proven to be another busy month for Microsoft security bulletins. A total of 117 bulletins were issued for various security vulnerabilities fixed in the July Patch Tuesday cycle. Thirteen of these were rated as Critical, 103 as Important, and one was classified as Moderate. Fifteen were submitted via the Trend Micro Zero Day Initiative.

Researchers Find Big Flaw in a Schneider Electric ICS System Popular in Building Systems, Utilities

A vulnerability in Schneider Electric computer control systems, popular in heating, air conditioning and other building systems, could allow hackers to take control of them. The remote code execution vulnerability puts millions of devices at risk. The vulnerability could be used to deploy a variety of attacks, from launching ransomware to altering the commands to machinery.

Survey: Phishing & Ransomware Attacks are Top Concerns

The latest research report from Osterman Research, How to Reduce the Risk of Phishing and Ransomware, included a survey that shows phishing and ransomware are two of the top threats cyber professionals are concerned about every single day and can lead to significant challenges for the victim organization.

Constant Ransomware Business Refinements Boosting Profits

One of the unfortunate success stories of the coronavirus era has been ransomware, as evidenced by its ability to dominate headlines during the pandemic. Credit criminals find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service while too many of their targets still fail to get the basics right.

ETSI Publishes IoT Testing Specs for MQTT, COAP

On June 25, 2021, ETSI released its new IoT Testing Specifications completed by the organization’s committee on Methods for Testing and Specifications. The documents contain seven standards addressing the testing of the IoT MQ Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP) protocols and the foundational security IoT-Profile.

#NoFilter: Exposing the Tactics of Instagram Account Hackers

This blog examines another Instagram account hacking campaign carried out by individual actors or by hacking groups. For maximum impact, the hackers behind this campaign hound social media influencers, a pattern that has also been seen in past campaigns. Having amassed thousands, if not millions, of followers and often earning from brand deals, affiliate marketing, and other means, influencers have a lot to lose should their accounts get compromised.

What are your thoughts on the cybercriminal underground exploit market? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

Read More HERE