A Review of the Best News of the Week on Cyber Threats & Defense
Iran- and China-backed phishers try to hook the Trump and Biden campaigns (Ars Technica, Jun 08 2020)
It’s starting to feel a lot like 2016.
Huge Rise in Enterprise Mobile Phishing During Q1 of 2020 (Infosecurity Magazine, Jun 02 2020)
New report shows 37% rise in mobile phishing encounters in Q1 of 2020
Exploit code for wormable flaw on unpatched Windows devices published online (Ars Technica, Jun 06 2020)
Once elusive, remote code execution is looking increasingly likely.
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~14,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Large Scale Attack Campaign Targets Database Credentials (Wordfence, Jun 03 2020)
Between May 29 and May 31, 2020, the Wordfence Firewall blocked over 130 million attacks intended to harvest database credentials from 1.3 million sites by downloading their configuration files.
The peak of this attack campaign occurred on May 30, 2020. At this point, attacks from this campaign accounted for 75% of all attempted exploits of plugin and theme vulnerabilities across the WordPress ecosystem.
Chasing RobbinHood: Up Close with an Evolving Threat (Dark Reading, Jun 03 2020)
A security researcher details how RobbinHood has changed and why it remains a threat for businesses to watch.
Chinese Hackers Target Air-Gapped Systems With Custom USB Malware (SecurityWeek, Jun 04 2020)
For years, a China-linked threat actor named Cycldek has been exfiltrating data from air-gapped systems using a previously unreported, custom USB malware family, Kaspersky reports.
Understanding cyber threats to APIs (Help Net Security, Jun 05 2020)
This is the fourth of a series of articles that introduces and explains API security threats, challenges, and solutions for participants in software development, operations, and protection.
Nest users now covered by Google’s ultra-secure Advanced Protection Program (Ars Technica, Jun 01 2020)
APP is the most effective way to prevent hijackings. So what are you waiting for?
IP-in-IP Vulnerability Affects Devices From Cisco and Others (SecurityWeek, Jun 02 2020)
A vulnerability related to the IP-in-IP tunneling protocol that can be exploited for denial-of-service (DoS) attacks and to bypass security controls has been found to impact devices from Cisco and other vendors.
Malware Campaign Hides in Resumes and Medical Leave Forms (Dark Reading, Jun 04 2020)
The campaigns have been part of the overall increase in coronavirus-related malware activity.
IBM Releases Open Source Toolkits for Processing Data While Encrypted (SecurityWeek, Jun 05 2020)
IBM this week announced the availability of open source toolkits that allow for data to be processed while it’s still encrypted.
IT Services Firm Conduent Felled by Maze Ransomware (Infosecurity Magazine, Jun 08 2020)
Firm’s European operations suffer 10-hour outage
Securing Work from Home Wi-Fi Access (SC Media, Jun 08 2020)
Wi-Fi networks, whether in public or private, are by their very nature dirty. Security professionals warn that every network carries inherent risk to our devices, data and resources, because they are exposed to a myriad of attacks, including these “Dirty Half Dozen” Wi-Fi risks: eavesdropping; exploits; evil-twin Wi-Fi; lateral network infections; DNS hijacking; and scanning, enumerating…
High-severity bugs patched in Chrome, Firefox browsers (SC Media, Jun 05 2020)
Google this week introduced multiple security fixes for the desktop edition of its Chrome browser and Mozilla has also done the same for Firefox and Firefox Extended Support Release. Google’s stable channel update to version 83.0.4103.97 for Windows, Mac, and Linux has patched six bugs, four of which were rated high in severity.