Phishing campaign targets organizations in COVID-19 vaccine cold chain, Russian hacking group uses Dropbox to store malware-stolen data, and more

Originally published at: https://cloudsek.com/threatintel/phishing-campaign-targets-organizations-in-covid-19-vaccine-cold-chain-russian-hacking-group-uses-dropbox-to-store-malware-stolen-data-and-more/

Round Up of Major Breaches and Scams

Mysterious phishing campaign targets organizations in COVID-19 vaccine cold chain

IBM’s cyber-security division says that hackers are targeting companies associated with the storage and transportation of COVID-19 vaccines using temperature-controlled environments, also known as the COVID-19 vaccine cold chain.

North Korea-linked hackers targeted J&J, Novavax in hunt for COVID research

Suspected North Korean hackers have recently tried to break into at least nine health organizations, including pharmaceutical giant Johnson & Johnson and vaccine developer Novavax Inc, revealing a broader effort to target key players in the race to develop treatments for COVID-19.

Cyberespionage APT group hides behind cryptomining campaigns

An advanced threat group called Bismuth recently used cryptocurrency mining as a way to hide the purpose of their activity and to avoid triggering high-priority alerts. Coin mining is typically regarded as a non-critical security issue, so the method allowed the actor to establish persistence and move laterally on the compromised network.

Round Up of Major Malware and Ransomware Incidents

Ransomware gang says they stole 2 million credit cards from E-Land

Clop ransomware is claiming to have stolen 2 million credit cards from E-Land Retail over a one-year period ending with last month’s ransomware attack. E-Land Retail, a subsidiary of E-Land Global, operates numerous retail clothing stores, including New Core and NC Department Store.

Russian hacking group uses Dropbox to store malware-stolen data

Russian-backed hacking group Turla has used a previously undocumented malware toolset, named Crutch by its authors, to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of a European Union country.

Round Up of Major Vulnerabilities and Patches

Xerox DocuShare Bugs Allow Data Leaks

Xerox issued a fix for two vulnerabilities impacting its market-leading DocuShare enterprise document management platform. The bugs, if exploited, could expose DocuShare users to an attack resulting in the loss of sensitive data.
