Today’s Cybersecurity Threats and Trends - 08/01/2024

Money is the root of all breaches.

Today’s Top 5 Emerging Cybersecurity Threats and Trends - 08/01/2024

1. Authenticator’s Ads Ambushed

Primary Threat: Malicious actors are using fake Google Authenticator ads to distribute the ‘DeerStealer’ malware. The ads appear legitimate, but they direct users to a fraudulent site that installs information-stealing malware capable of exfiltrating credentials and other sensitive data.

  • MITRE Tactics: Initial Access, Execution.

  • Risk: High – Potential for widespread data theft and compromised accounts.

2. BingoMod Blasting Bank Balances

Primary Threat: A new Android malware named ‘BingoMod’ is targeting users by posing as legitimate security tools/apps. Once installed, it goes to work draining their bank accounts and then wiping their devices to cover its tracks. This sophisticated attack focuses on on-device fraud, making it highly dangerous for mobile users.

  • MITRE Tactics: Initial Access, Exfiltration, Impact.

  • Risk: High – Financial loss, data destruction, and potential device bricking.

3. ServiceNow Security Slip-up

Primary Threat: A remote code execution (RCE) vulnerability in ServiceNow, tracked as CVE-2024-4879, is being actively exploited in the wild. This flaw allows attackers to remotely execute code within the context of the Now Platform, potentially leading to full system compromise.

  • MITRE Tactics: Initial Access, Execution.

  • Risk: High – Unauthorized system access, data theft, and potential for full system compromise.

4. Large Lender’s Loans Leaked

Primary Threat: A third party to EdFinancial and the Oklahoma Student Loan Authority (OSLA), Nelnet Servicing, was breached. This has exposed the personal information of millions of student loan borrowers. Overall, this is part of a broader trend of targeting financial and educational institutions for sensitive data.

  • MITRE Tactics: Collection, Exfiltration.

  • Risk: High – Exposure of sensitive financial information, leading to identity theft and financial fraud.

5. Stealthy SMS Swiping

Primary Threat: A large-scale SMS stealer campaign has infected Android devices across 113 countries. This campaign uses Telegram bots to intercept one-time passwords (OTPs) and other sensitive SMS messages from over 600 services, including banking and social media platforms.

  • MITRE Tactics: Collection, Credential Access.

  • Risk: High – Widespread credential theft and potential for unauthorized account access.

IN SUMMARY:

Today’s threats read like a cybercriminal’s greatest hits album—fake ads pushing malware, Android devices getting drained and bricked, and even ServiceNow getting slammed with a few RCE exploits.

Add a massive student loan breach and a global SMS stealer campaign, and it remains clear: If it’s digital, it’s under attack.

Patch up, lock down, and maybe double-check those ads…
Remember: It’s always better to be paranoid than to be pwned!

J.W.