Hello readers,
In this week's SECURITY TRENDS article, I examine statistics on how many attackers develop exploits before patches are available for vulnerabilities.
Also, in this issue, my PODCAST NOTES summarizes an interview with Rich Stever, IT security auditor at Pivot Point Security, who examines how to optimize your information security management system (ISMS).
Don't forget, this week we relaunched Inside Retail as Inside E-commerce. Check out the first issue, a deep dive into Canadian e-commerce giant Shopify. If you like what you see, head over to inside.com/ecommerce to subscribe!
Stay safe!
Fred
SECURITY TRENDS: Hackers fast to exploit bugs
While security professionals scramble to fix vulnerabilities as soon as possible, the hard truth is that 14% of exploits are available to attackers before the patch is ready from vendors.
One-quarter of exploits are available within a week after the patch is released, and half are available within a month after the patch is released.
The top ten most exploited vulnerabilities between 2016 and 2019 were...
To read more, sign up for our 14-day free premium content trial!
Trading on the New Zealand Stock Exchange has been disrupted for the third day in a row by a distributed denial-of-service (DDoS) attack. The exchange hopes to resume trading on Friday.
More:
- A hacking group known as Armada Collective (aka Fancy Bear) is responsible for the DDoS attack on the exchange as well as recent attacks on MoneyGram, YesBank India, Worldpay, PayPal, Braintree, and Venmo, according to a source consulted by ZDNet.
- The group demands a ransom in Bitcoin from victims to prevent a DDoS attack, noted Akamai researchers.
- DDoS attacks soared 542% in the first quarter of 2020 compared to the same quarter in 2019.
CNN
A new variant of the Qbot banking trojan can hack into Microsoft Outlook emails and steal credentials and financial data, according to Check Point researchers. Once a machine is infected via a phishing email, the QBot variant deploys an email collector module that steals email threads and sends them to the attackers' command and control server.
More from Check Point:
- The hijacked email threads discuss topics such as COVID-19, tax payment reminders, and job recruitment.
- The Emotet trojan operators appear to be behind the new Qbot attack campaign, which has impacted 5% of organizations worldwide.
- The most targeted organizations are in government, military, and manufacturing.
ZDNET
The UltraRank cybercrime group has used JavaScript sniffer malware to steal payment card data from nearly 700 websites and 13 service providers over the past five years. UltraRank has undertaken three attack campaigns since 2015, with the latest one still ongoing, according to security firm Group IB.
More from Group IB:
- UltraRank has changed its infrastructure and malware over the years so that other researchers have attributed the attacks to different threat actors.
- Group IB was able to identify common techniques used by the group, such as similar domain registration patterns, a mechanism for hiding servers, and storage locations for malware.
- UltraRank monetizes the stolen payment cards through the card shop ValidCC, which makes over $5,000 per day in revenue.
SECURITY WEEK
The number of vulnerabilities in major platforms in 2020 is expected to exceed levels seen last year, according to the latest data from RiskBased Security (RSB). For the first half of this year, 11,121 vulnerabilities were disclosed. In April alone, 506 vulnerabilities were reported, 79% of which came from seven major vendors.
More from RiskBased Security:
- Microsoft saw a 150% year-over-year increase in vulnerabilities disclosed in the first six months of 2020, with Windows 10 having the most security bugs.
- The Vulnerability Fujiwhara Effect, a term coined by RSB, refers to the disclosure of vulnerabilities on the same day by Microsoft and Oracle. It happened this year on April 14, which resulted in the reporting of 818 vulnerabilities on one day.
- Disclosing so many security bugs at once threatens to overwhelm IT staff and vulnerability managers, observed Brian Martin, vice president of vulnerability intelligence at RSB.
RISKBASED SECURITY
Every Thursday, I summarize a podcast about cybersecurity so you can read it in about five minutes or less. This week features Rich Stever, IT security auditor at Pivot Point Security, who spoke with John Verry of the Virtual CISO Podcast (#26) about how to implement and optimize your information security management system (ISMS).
John Verry: What would you say are some of the biggest challenges you see with organizations deploying and using their ISMS?
05:53 -- Rich Stever responded that many people struggle to understand the ISMS, such as who needs to be involved, what level of staffing it requires, and how to operationalize it. Organizations often don’t have the direction that they need to sustain an ISMS. They often get audit fatigue...
To read more, click here to upgrade to premium!
QUICK HITS:
- Tesla was identified as the U.S. company targeted by Russian hacker Egor Igorevich Kriuchkov, who offered to pay an employee up to $1M to deploy malware in the corporate network.
- Local governments are the most popular target for ransomware attacks, according to Barracuda Networks.
- U.S. government warns about BeagleBoyz bank theft campaign.
- Twitter takes down the Dracula botnet that pushed pro-Chinese propaganda.
Fred Donovan is a professional writer, editor, and content specialist with decades of experience, most recently in the areas of information technology and cybersecurity. He has written for such publications as HealthITSecurity.com, FierceITSecurity, InfoSecurity Magazine, Report on Patient Privacy, TechGenix, and NetDefense. Fred has a B.A. from Harvard University in government and an M.S. in national security from Georgetown University.
Editor
Sheena Vasani is a journalist and UC Berkeley, Dev Bootcamp, and Thinkful alumna who writes Inside Dev and Inside NoCode.