  • hayleywade1

Cyber Weekly Digest - 2024 Week #13

👋 Welcome to the 13th edition of the Cyber Weekly Digest of 2024.


We're all keen for the 4-day, chocolate-egg-fuelled Easter weekend so let's crack on...


Firstly a huge THANK YOU to everyone that joined us for "Cyber Security... Is no joke!" last night in Edinburgh. Scot Secure was most excellent and the amount of industry folk that joined us last night was the icing on the haggis. Great vibes all round!


Next up is Glasgow (more info to follow soon) but after the success of our first two events keep your eyes peeled for a cyber comedy night near you!


Whether you're off camping (in this great British weather), catching up on DIY, Netflix and chill-ing, eating your body weight in chocolate or you've got to work (sad face) we hope you have a good one.


New and noteworthy this week:


There is no stopping One Identity as they accelerate business momentum with industry-leading recognitions and product launches! You can read all about their recent milestones and proudest achievements from the last few months here


If you're heading to UK Cyber Week on 17-18th April at Olympia London, catch CultureAI at stand C9 for a live demo of their Human Risk Management Platform. Gain real-time visibility of your workplace security risks, deliver targeted coaching and automate fixes. Can't wait until then... you can request a demo here


24 hours a day, 7 days a week, 365 days a year, Abnormal is detecting and stopping countless email attacks. If you haven't already, check out their latest blog post to see examples of real credential phishing, BEC, VEC and malware attacks that have been stopped by Abnormal in 2024 so far.


Last but not least... ⭐️ huge CONGRATULATIONS to ThreatAware who have just announced their well-deserved win for Best Cybersecurity Innovation at the 2024 Cybersecurity and Resilience Awards. We couldn't be more thrilled for CEO Jon Abbott and his team.


Now, let's take a look at our Cyber Weekly Digest, highlighting our top cyber security news picks of the week.


This week over 500 million registered users and 166 million monthly players of Minecraft (come on, hands up) were warned about DDoS attacks. We also heard about a somewhat spooky-sounding phishing-as-a-service attack and why we should be wary of TheMoon!


Keep reading to stay up to date on the latest cyber security news.


Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game's reputation. Despite the prevalence of DDoS attacks on the game, the majority of incidents go unreported, leaving a gap in awareness and protection. This article explains what happens to a Minecraft server during a DDoS attack and how to protect against such attacks. For an in-depth version of the article, check out this white paper.


Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report published today. "These campaigns come in the form of spam emails with attachments that eventually launch the StrelaStealer's DLL payload," researchers Benjamin Chang, Goutam Tripathy, Pranay Kumar Chhaparwal, Anmol Maurya, and Vishwa Thothathri said.


A new phishing-as-a-service (PhaaS) platform named ‘Darcula’ uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries. Darcula has been used against various services and organizations, from postal, financial, government and taxation departments to telcos, airlines and utilities, offering fraudsters over 200 templates to choose from. One thing that makes the service stand out is that it approaches targets using the Rich Communication Services (RCS) protocol for Google Messages and iMessage instead of SMS for sending phishing messages.


Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients. Last year's count reached 97 zero-days exploited in attacks, representing a surge of over 50 percent compared to the previous year's 62 vulnerabilities. Despite this rise, the figure remains below the peak of 106 zero-day bugs exploited in 2021. Mandiant and TAG collectively discovered 29 instances out of 97 vulnerabilities, with 61 affecting end-user platforms and products (including mobile devices, operating systems, browsers, and various other apps).


A new variant of the "TheMoon" malware botnet has been spotted infecting thousands of outdated small office and home office (SOHO) routers and IoT devices in 88 countries.

TheMoon is linked to the "Faceless" proxy service, which uses some of the infected devices as proxies to route traffic for cybercriminals who wish to anonymize their malicious activities. Black Lotus Labs researchers monitoring the latest TheMoon campaign, which started in early March 2024, have observed 6,000 ASUS routers being targeted in under 72 hours.


