TheCyberThrone Security Week In Review–April 22nd, 2023

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, April 22nd, 2023.

1. ICICI Bank Data Breach ! Strongly Denied

Researchers have found that ICICI Bank has leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients.

During the recent investigation, it’s been discovered that the bank leaked sensitive data due to the misconfiguration of their publicly accessible cloud storage containing over 3.6 million files belonging to ICICI Bank.

However, ICICI Bank has denied these reports and said that they were baseless and aimed at damaging the bank’s reputation. The bank has accused of publishing a story with malicious intent to mislead customers and dent the bank’s image

2. NCR Corp hit by BlackCat Ransomware

NCR Corp, a PoS and ATM technology retailer has been struck by a ransomware attack causing outages to some of its services.

NCR added that the incident was limited to the specific functions of its Aloha cloud-based services and its Counterpoint product. No customer systems or network were involved, nor did the ransomware attack affect the company’s ATM, digital banking, payments, or other retail products.

Though the attacker details not revealed, it is reported that the BlackCat ransomware gang has claimed responsibility for the attack. However, in an interesting twist, the ransomware gang claims not to have stolen data but credentials that it’s using as leverage to receive a ransom payment.

3. LockBit Targets Mac Devices

LockBit, has modified its variant that the ransomware strain was seen targeting Mac devices — the first of its kind for a major ransomware operation.

Researchers revealed a potential LockBit ransomware sample targeting MacOS. The ransomware binary was initially undetected by traditional anti-virus tools but has since begun catching the malicious files.

4. Google Fixes Second Chrome Zeroday of 2023

Google has patched another zero-day vulnerability found in Chrome. The vulnerability tracked as CVE-2023-2136, the security defect is described as a high-severity integer overflow issue in Skia. This bug is reported by Google TAG.

Google is aware that an exploit for CVE-2023-2136 exists in the wild.This the second zero-day vulnerability resolved in Chrome

SUBSCRIBE TO OUR BLOG TODAY !

We understand the importance of staying on top of the latest threats and vulnerabilities that can harm your digital life. You’ll receive the latest cybersecurity news, insights, resources, offers and analysis straight to your inbox every day

5.Russian Linked APT 29 found targeting NATO & EU Member States

The authorities of Poland warn about a cyberespionage group linked to Russia dubbed as APT29, Cozy Bear, and NOBELIUM is targeting diplomatic and foreign ministries from NATO and EU member states in an ongoing campaign that uses previously undocumented malware payloads.

APT29 in general uses a .ISO files for malware distribution before, but the use of .IMG (disk image) files is a new technique. Both ISO and IMG files are automatically mounted as a virtual disk when opened in Windows and the user can access the files contained within.

6. Zaraza Malware targets Browsers to Steal Credentials

Researchers came up with a warning about a new variant of the credential-stealing malware dubbed as Zaraza. This is fond of  pilfering log-in credentials of web browsers Google Chrome, Microsoft Edge, Opera and Brave.

Threat actors are leveraging Telegram servers as their C2 platform to shuffle bank login credentials and cryptocurrency exfiltrated from targeted computers. Researchers believe adversaries behind the campaign have ties to Russia, adding the name of the malware translates from Russian to the word infection.

This brings end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on Facebook, Twitter, Instagram