Cyber attacks, phishing, stalkerware, and malware such as Emissary Panda, have been rampant. They’re taking advantage of the vulnerabilities in organizations and even governments. Keep reading to find out more security news.

For more articles, check out our #onpatrol4malware blog.

Emissary Panda

COVID-19 Scam Roundup – Week of 3/16/20

Source: Trip Wire

Malicious actors are increasingly leveraging COVID-19 as a theme for new digital fraud attacks. In February 2020, for instance, Action Fraud received 21 reports of fraud relating to the coronavirus. Read more.

Emissary Panda

WildPressure targets industrial-related entities in the Middle East

Source: Secure List

Kaspersky Threat Attribution Engine (KTAE) doesn’t show any code similarities with known campaigns, nor any target intersections. So they consider the attacks to be targeted and have currently named this operation WildPressure. Read more.

malicious Microsoft Office documents

‘Rare’ stalkerware emerges with targets around the world

Source: Cyberscoop

An app that’s marketed as a solution to keep children safe online includes such aggressive functionality that cybersecurity researchers warn it’s possible for stalkers to monitor victims in a way that is “almost impossible to detect.” Read more.

Emissary Panda

VB2019 paper: Cyber espionage in the Middle East: unravelling OSX.WindTail

Source: Virus Bulletin

In this paper, we’ll comprehensively dissect OSX.WindTail.A, the first-stage macOS implant utilized by the WINDSHIFT APT group (which targeted individuals of a Middle-Eastern government). Read more.

Emissary Panda

How the Iranian Cyber Security Agency Detects Emissary Panda Malware

Source: Team Cymru

It has been previously publicised that the Chinese-attributed threat group, Emissary Panda, have been targeting various sectors in the Middle East, including government organisations. Read more.

malicious Microsoft Office documents

TrickBot Bypasses Online Banking 2FA Protection via Mobile App

Source: Bleeping Computer

The TrickBot​​​​​ gang is using a malicious Android application they developed to bypass two-factor authentication (2FA) protection used by various banks after stealing transaction authentication numbers. Read more.

malicious Microsoft Office documents

State-Backed Players Join Pandemic Cyber Crime Attacks

Source: Security Week

Sophisticated state-supported actors are following cybercriminals in exploiting the coronavirous pandemic and posing an “advanced persistent threat” (APT), French defence technology giant Thales warned Monday. Read more.

Emissary Panda

Holy water: ongoing targeted water-holing attack in Asia

Source: SecurityList

SecurityList discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings. This campaign targets an Asian religious and ethnic group. Read more.

malicious Microsoft Office documents

Crave the Data: Statistics from 1,300 Phishing Campaigns

Source: NCC Group

Targets in Charities were found to be over 3 times more likely to click a link in a Phishing attack than targets in the Health sector. Once a user had clicked the link, half were likely to enter credentials regardless of what sector they worked in. Read more.