This Week’s Top 5 Cybersecurity News Stories August 2024 | 05
Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small, as we look at threats from espionage to security flaws in everyday devices:
1. Telegram founder: Arrest of Pavel Durov in France
Pavel Durov, founder of Telegram, was arrested in France on suspicion of complicity in drug trafficking, fraud, and child abuse due to alleged inaction on Telegram. French authorities are investigating, and the Russian embassy is involved. Durov’s relationship with Russian authorities is strained, stemming from his refusal to share user data, leading to his exile. Telegram faces criticism for not combating hate speech adequately.
2. Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations
Microsoft has uncovered a new threat from the Iranian state-sponsored group, Peach Sandstorm, which deployed a multi-stage backdoor named Tickler in cyberattacks targeting sectors like satellite communications, oil and gas, and government entities in the U.S. and UAE. The group also engaged in intelligence gathering via LinkedIn and password spray attacks, leveraging compromised Azure infrastructure for their operations.
3. Cyberattackers Exploit Google Sheets for Malware Control in Global Espionage Campaign
Cybersecurity researchers have uncovered a unique malware campaign using Google Sheets as a command-and-control mechanism. Starting in August 2024, the campaign, dubbed “Voldemort,” impersonates tax authorities across the globe to target over 70 organizations in various sectors, including finance, healthcare, and technology. The sophisticated malware gathers information and delivers additional payloads, blending espionage tactics with cybercrime methods for a truly unusual threat.
4. New Malware Masquerades as Palo Alto VPN Targeting Middle East Users
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting users in the Middle East by disguising itself as Palo Alto Networks’ GlobalProtect VPN tool. The malware can execute remote PowerShell commands, exfiltrate files, and bypass sandbox solutions. It connects to a fake VPN portal, allowing threat actors to operate undetected. The campaign likely begins with phishing, but its exact origins remain unclear.
5. New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads
Researchers have uncovered a sophisticated phishing campaign, dubbed SLOW#TEMPEST, targeting Chinese-speaking users. The attackers use malicious ZIP files containing a disguised Windows shortcut (LNK) file to deploy Cobalt Strike payloads, allowing them to move laterally, establish persistence, and remain undetected for over two weeks. The campaign, possibly linked to Chinese threat actors, uses advanced techniques like DLL side-loading and privilege escalation to maintain access and conduct reconnaissance. Despite no direct attribution to a known group, the operation displays the hallmarks of a highly experienced threat actor.
At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.
For more information please contact us now!