Fri. Jun 5th, 2020

Layer 7 Weekly Round Up: 8/19 Edition

THE BIG STORY

1. Google, Apple, and Mozilla block Kazakhstan browser spying tool

On Wednesday, Google, Apple, and Mozilla announced that they have taken measures to block a root certificate the Kazakhstan government used last month to spy on its citizens’ web traffic.

 

WE’RE KEEPING AN EYE ON

2. Instagram phishing campaign uses two-factor authentication as bait

Researchers at Sophos warn about a new Instagram phishing scam that uses two-factor authentication to lure potential victims into handing over sensitive information on a fraudulent landing page.

 

INCIDENTS THIS WEEK

3. 23 government organizations in Texas hit with ‘coordinated’ ransomware attack

More than 20 local government agencies across Texas were hit with ransomware attacks concurrently over the last several days. The ransomware has been called JSE, which doesn’t stand for anything other than the name of the encrypted file extensions. It is an odd strain since it doesn’t leave any note behind or demand payment for decryption.

 

4. Utility sector targeted by Adwind remote access trojan

Threat actors are using the Adwind Remote Access Trojan to target entities in the utility sector. Adwind is particularly concerning because it can evade detection from most major anti-malware solutions.

 

INTERESTING READ

5. US cell carriers team up to combat robocalls — but no deadline set

One of the major cyber discussions this past year is about robocalls. Aside from taking legal action against companies and individuals accused of placing spam calls to consumers, the government also voted to let phone companies block robocalls by default. And, it seems like phone carriers are taking advantage of the ruling because on Thursday, twelve of the biggest American phone companies, including AT&T, Sprint, T-Mobile, and Verizon, promised to make efforts to prevent spoofed and automated robocalls. — TechCrunch