Throughout 2023, researchers discovered 10 new trojans targeting Android devices and 19 banking malware families that had persisted since 2022. These malware families targeted banking apps across 61 countries, primarily targeting traditional banking apps.
Multiple vulnerabilities have been found in Apple products, the most severe of which could allow for arbitrary code execution. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Read to learn how to protect against this.
Multiple vulnerabilities have been found in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
The NJCCIC’s email security solution detected a new LockBit campaign dubbed LockBit Black. This campaign was also reported to the NJCCIC via incident reports and observed by information-sharing and analysis centers. The emails in this campaign contain malicious ZIP attachments.
The FBI released this Private Industry Notification (PIN) to highlight cybercriminals using phishing and Short Message Service (SMS) phishing (SMiShing) against employees at US retail corporate offices in order to create fraudulent gift cards resulting in financial loss.
Phishing attacks posing as popular delivery services are becoming more challenging to spot. Many of these scams begin with a text message or email , often claiming that a package cannot be delivered. They may use language, such as “final notice,” to scare users into acting immediately.
The NJCCIC previously reported on the ransomware attack against Change Healthcare, a large healthcare technology company. This cyberattack showcases the cascading ramifications of ransomware incidents, including financial impacts and risks of paying ransom demands.
The NJCCIC observed a DarkGate malware campaign being deployed via malicious software installers embedded in phishing email attachments. Threat actors were also observed exploiting the Windows Defender SmartScreen vulnerability (CVE-2024-21412).
The Federal Bureau of Investigation (FBI) released a public service announcement warning of an uptick in unpaid road toll SMiShing scams. Threat actors impersonate the target state’s toll service name and change the sender’s phone number and link in the message depending on the state.
The NJCCIC observed an uptick in reported SocGholish infections targeting public sector websites. The MS-ISAC also reported that SocGholish was the most observed malware in Q4 of 2023, comprising 60 percent of the top 10 malware incidents.
