ICYMI: MSP APT; MS 0-day; Travel phish; Retraining; Hacktivists hit

News by SC Staff

In Case You Missed It: Chinese hack MSPs; Windows Server 2003 flaw; Phishing hits travellers; retraining graduates; OpIsrael hacktivists targeted.

Huge hacking operation uncovered targeting victims' supply chain

A Chinese hacking group is thought to be behind attacks on managed service providers as a way into their client companies, to facilitate the theft of intellectual property. The hacking group, called APT10, used custom malware and spear-phishing attacks to gain access to victims' systems. Once inside, the attackers used the provider's credentials to attack its client companies.

The security of the supply chain has been a recognised weakness in security systems since at least 2013, when it was discovered that attackers had gained access to the Target retail chain in America through an HVAC service provider.

Zero-day on Windows Server 2003 could affect up to 600,000 servers

Hackers are said to be rushing to develop exploits as Microsoft says it won't patch a flaw in Internet Information Services (IIS) 6.0 on Windows Server 2003. The vulnerability was discovered in Windows Server 2003 running IIS 6.0 by two security researchers at the South China University of Technology, but Microsoft said it won't issue a patch even though up to 600,000 servers could be running the unsupported software.

The researchers posted a proof-of-concept exploit for the zero-day to GitHub. The flaw is a zero-day buffer overflow vulnerability (CVE-2017-7269) which has been traced to improper validation of an 'IF' header in a PROPFIND request.

'Aggressive' phishing campaign against travellers claims 90% success

Airline travellers have been targeted in a new phishing campaign that aims to infect victims' systems with malware and trick users into handing over personal or business details. According to researchers at Barracuda, the criminals are achieving a success rate of 90 percent with the attacks.

The campaign uses a combination of impersonation, malware and phishing to mount attacks against victims. While it isn't clear who is behind the attacks, the targets include those in industries that deal with frequent shipping of goods or employee travel, such as logistics, shipping and manufacturing.

Government Cyber Retraining Academy graduates snapped up by industry

Free training funded by the Government's National Cyber Security Programme produces 55 industry-ready cyber-professionals. A former bartender and a military intelligence operator have become the first graduates to be offered roles at leading cyber-security companies after graduating from the HM Government-backed Cyber Retraining Academy with flying colours.

The academy, a ground-breaking initiative funded by the Government's National Cyber Security Programme, was launched to fast track the next generation of security experts and help defend the nation against cyber-attacks. The programme commenced on 23 January and concludes this week with a graduation ceremony in London.

OpIsrael hacktivists targeted by unknown threat actor

Digital Shadows says it has observed the distribution of two denial of service (DoS) tools - one for Windows and one for Android devices - which are actually RATs. Digital Shadows has identified evidence indicative of a malware distribution campaign intended to deploy Remote Access Trojans (RAT) onto the machines of hacktivist actors engaged in supporting the 2017 iteration of #OpIsrael organised by Anonymous.

Ideologically-motivated "hacktivist" actors can present a variety of threats to organisations, from defacements to denial of service attacks and sometimes even data compromise.