• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Current News   »   This Week in Security News: Spam Campaigns and Cryptocurrency Miners

This Week in Security News: Spam Campaigns and Cryptocurrency Miners

  • Posted on:June 14, 2019
  • Posted in:Current News, Security
  • Posted by:
    Jon Clay (Global Threat Communications)
0
week in security

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about advanced targeted attack tools being used to distribute cryptocurrency miners as well as a spam campaign targeting European users.

Read on:

Advanced Targeted Attack Tools Found Being Used to Distribute Cryptocurrency Miners
Regular cybercriminals appear to be taking a page from targeted attack actors’ playbooks — or rather, toolkits — to maximize their profits from illicit activities like cryptojacking.

Congress to Take Another Stab at ‘Hack Back’ Legislation
Rep. Tom Graves, R-Ga., is reintroducing a bill that would allow companies to go outside of their own networks to identify their attackers and possibly disrupt their activities.

Spam Campaign Targets European Users with Microsoft Office Vulnerability (CVE-2017-11882)
An active Microsoft Office and WordPad spam campaign is targeting European users, using languages such as Romanian and files that allow attackers to exploit the CVE-2017-11882 vulnerability.

License Plates, Photos, Passwords and More Stolen in Two Separate Breaches
Two major breaches, one at US Customs and Border Protection and another with a retro gaming site Emuparadise, highlight the need for effective data protection.

Major HSM Vulnerabilities Impact Banks, Cloud Providers, Governments
Two security researchers have recently revealed vulnerabilities that can be exploited remotely to retrieve sensitive data stored inside special computer components known as HSMs (Hardware Security Modules).

Data Breach Disclosed by Online Invitation Firm Evite
Online invitation and stationary company Evite notified customers of a data breach that stemmed from an inactive data storage file associated with user accounts.

June’s Patch Tuesday Fixes 88 Security Flaws, Including SandboxEscaper’s Zero Days, HoloLens
Microsoft’s June Patch Tuesday announced the release of 88 vulnerability patches in this month’s security bulletin, as well as four advisories and one servicing stack update.

Have I Been Pwned Is Looking for a New Owner
Owner Troy Hunt revealed he’s looking for an acquirer for the breach notification service he set up called “Have I Been Pwned”. Traffic to the site has exploded since January when he uploaded a 773 million record list of breached emails and passwords that could be used for automated unauthorized logins.

Shifting Tactics: Breaking Down TA505 Group’s Use of HTML, RATs and Other Techniques in Latest Campaigns
In their latest campaign, cybercriminal group TA505 used HTML attachments to deliver malicious .XLS files that lead to downloader and backdoor FlawedAmmyy, mostly to target users in South Korea.

MuddyWater Resurfaces, Uses Multi-Stage Backdoor POWERSTATS V3 and New Post-Exploitation Tools
Analysis of new campaigns wearing the badge of MuddyWater revealed the use of new tools and payloads, which indicates that the well-known threat actor group is continuously developing their schemes.

U.S. Ramping Up Offensive Cyber Measures to Stop Economic Attacks, Bolton Says
The U.S. is beginning to use offensive cyber measures in response to commercial espionage, according to John Bolton, President Trump’s national security adviser.

CVE-2019-2725 Exploited and Certificate Files Used for Obfuscation to Deliver Monero Miner
Feedback from the Trend Micro Smart Protection Network security architecture revealed a cryptocurrency-mining activity involving the CVE-2019-2725 vulnerability, but with an interesting twist — the malware hides its malicious codes in certificate files as an obfuscation tactic.

Do you worry about being targeted by spam campaigns via work tools like Microsoft Office? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

 

 

Related posts:

  1. This Week in Security News: Ransomware Campaigns and Cryptocurrency Miners
  2. This Week in Security News: Ransomware Campaigns and Cryptocurrency Miners
  3. This Week in Security News: Ransomware Campaigns and Cryptocurrency Miners
  4. This Week in Security News: Spam Campaigns and Vulnerable Infrastructures

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Cloud-based Email Threats Capitalized on Chaos of COVID-19
  • Detected Cyber Threats Rose 20% to Exceed 62.6 Billion in 2020
  • Trend Micro Recognized on CRN Security 100 List
  • Trend Micro Reports Solid Results for Q4 and Fiscal Year 2020
  • Connected Cars Technology Vulnerable to Cyber Attacks
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, MĂŠxico
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, EspaĂąa, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.