Over the past two weeks, we selected the cybersecurity highlights such as “Tractors vs. threat actors: How to hack a farm”, “ChatGPT shows promise of using AI to write malware” and more.
For more articles, check out our #onpatrol4malware blog.
DEV-0569 group uses Google Ads to distribute Royal Ransomware
Source: Security Affairs
Researchers from the Microsoft Security Threat Intelligence team warned that a threat actor, tracked as DEV-0569, is using Google Ads to distribute various payloads, including the recently discovered Royal ransomware. Read more.
World Cup Phishing Attacks Doubled And Will Increase
Source: KnowBe4
Researchers at Trellix revealed that phishing email attacks targeting users in the Middle East doubled in October 2022 ahead of the World Cup in Qatar, as reported by The Record. Read more.
Emotet is back and delivers payloads like IcedID and Bumblebee
Source: Security Affairs
Proofpoint researchers warn of the return of the Emotet malware, in early November the experts observed a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. Read more.
Tractors vs. threat actors: How to hack a farm
Source: We Live Security
From basics such as implementing password managers and using multi-factor authentication, to using cutting-edge security technology to withstand an attack on big farming service companies such as John Deere, it is clear that more needs to be done to support farms around the world. Read more.
ChatGPT shows promise of using AI to write malware
Source: Cyber Scoop
For even the most skilled hackers, it can take at least an hour to write a script to exploit a software vulnerability and infiltrate their target. Soon, a machine may be able to do it in mere seconds. Read more.
Zerobot – New Go-Based Botnet Campaign Targets Multiple Vulnerabilities
Source: Fortinet
In November, FortiGuard Labs observed a unique botnet written in the Go language being distributed through IoT vulnerabilities. This botnet, known as Zerobot, contains several modules, including self-replication, attacks for different protocols, and self-propagation. Read more.