Weekly Email Security News Recap #1 [September 2022]

September represents a change of season, with Fall officially starting. But in the cyberworld, things are always changing. Threats evolve, cybercriminals multiply, and new attacks are always on the horizon.

From a phishing toolkit for sale on the Dark Web to a serious Google Chrome vulnerability, here are some of September’s latest cybersecurity news headlines.

EvilProxy Phishing Toolkit For Sale on the Dark Web 

According to the cybersecurity company Resecurity, a new Phishing-as-a-Service (PhaaS) offering named EvilProxy (or Moloch) has been detected for sale on the dark web.

EvilProxy operators use reverse proxy and cookie injection methods to bypass two-factor authentication while proxying a victim’s session. Methods like these have previously been used in targeted campaigns by advanced persistent threats and cyber-espionage groups.

Resecurity acquired significant data about EvilProxy’s functions, modules, structure, and network infrastructure during its investigations.

Earlier cyberattacks using EvilProxy were initially identified in connection with attacks on Google and Microsoft customers who have MFA enabled.

The phishing kit can deliver sophisticated phishing links, which could lead to account compromise for Apple, Meta, Google, Microsoft, and Twitter users.

EvilProxy operators likely target software developers and IT engineers in order to ultimately compromise downstream targets.

In this way, end users are led to believe they’re downloading software packages from secure resources, but they eventually get compromised.

Russian Yandex Taxi App Hacked by Anonymous and the IT Army of Ukraine

Yandex Taxi, owned by Yandex, Russia’s leading IT company and known as the Russian Google, recently suffered a cyberattack.

After breaching the Yandex Taxi app, hackers caused a massive traffic jam that lasted three hours in the Russian capital’s western area. 

The incident happened when the attackers ordered all available taxis to a particular address, causing a massive traffic jam as dozens of Yandex drivers were stuck on their way to the same location.

All the cabs were directed to one of the main avenues in Moscow, Kutuzovsky Prospekt, known for the Stalinist-era building called “Hotel Ukraina.”

Yandex’s security team announced that it’d improve the algorithm to prevent such incidents in the future.

In an exclusive statement to Hackread.com, the IT Army of Ukraine confirmed that they were behind this attack.

Anonymous TV also tweeted that the Russian taxi service hack was carried out by the Anonymous collective.

Google Chrome Zero-Day Flaw: Users Urged to Install the Update

To round off our email security and cybersecurity news recap, let’s talk about the new security update that Google released for the Chrome browser on Windows, Mac, and Linux.

The update fixes a newly discovered zero-day vulnerability that cybercriminals are actively exploiting, and users are urged to apply it quickly.

The release updates Google Chrome to version 105.0.5195.102 and fixes (CVE-2022-307), an extreme security issue.

The security patch will be rolled out to users over the coming days, and users are advised to apply the update when Chrome prompts them to.

Specifics on the vulnerability are yet to be made public, likely to prevent threat actors from benefiting from them.

The vulnerability was reported to Google anonymously by an unknown cybersecurity researcher, who will receive a bug bounty.

Google thanked all security researchers who worked with them during the development cycle to prevent security bugs.

Final Thoughts

One area that your business should be focused on is email security.

In 2021, over 319.6 billion emails were sent and received daily. While more and more emails are sent, there’s also an increase in cyberattacks.

That’s why investing in secure email services and cybersecurity training is crucial for your business. 

Don’t waste your time, and secure your email today!
