
Daily Cybersecurity Roundup, September 23, 2024

The growing use of trusted cloud services by attackers as part of their malicious infrastructure is increasingly concerning. A new Android spyware campaign has been uncovered in South Korea, where attackers are using an AWS S3 bucket as a C&C server to steal sensitive data from compromised devices. In other news, threat actors are leveraging WebDAV technology to host malicious files and distribute the Emmenhtal loader. Meanwhile, Fortra reported a sharp rise in email scams, along with some glaring statistics. Take a look at the 10 key cybersecurity news items from the weekend.

01

A new Android spyware campaign has been discovered targeting individuals in South Korea, using an Amazon AWS S3 bucket as its C&C server to exfiltrate sensitive data from compromised devices.

02

Threat actors are using WebDAV technology to host malicious files and distribute the Emmenhtal loader and other malware. The WebDAV infrastructure is likely part of a commercial service offered by a cybercriminal group, catering to multiple clients with diverse malware payloads.

03

An AsyncRAT variant has been disguising itself as cracked software, exploiting users’ desire for free premium access and tricking them into downloading malicious applications.

04

Researchers discovered Kryptina RaaS, a free and open-source RaaS platform written for Linux. Once a free tool on public forums, it is now being actively used in enterprise attacks, particularly under the Mallox ransomware family.

05

A high-severity vulnerability (CVE-2024-41721) in the FreeBSD hypervisor, bhyve, has been identified. The flaw allows malicious software in a guest VM to execute arbitrary code on the host system.

06

A stack-based overflow vulnerability, tracked as CVE-2024-7490, has been disclosed in the Microchip Advanced Software Framework, which could lead to remote code execution.

07

Two critical vulnerabilities, CVE-2024-22303 and CVE-2024-21743, have been discovered in the WordPress theme Houzez and its companion plugin Houzez Login Register. The first allows unauthenticated users to elevate privileges and take over sites, while the second lets users change email addresses and hijack accounts.

08

According to Fortra, email scams, including BEC attacks, have become increasingly sophisticated, using AI and spoofing techniques, with phishing emails skyrocketing by 4,151% since the public launch of ChatGPT.

09

Edera, an enterprise security solutions provider, raised $5 million in a seed round led by 645 Ventures and Eniac Ventures, with participation from FPV Ventures, Generationship, Precursor Ventures, and Rosecliff Ventures.

10

Identity security management company Hydden secured $4.4 million in a seed funding round led by Access Venture Partners, Lockstep, Service Provider Capital, and several angel investors.
