Dec 15 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter who’s mum nearly got phished by a random phone number that text her saying hey mum it’s me and she only twigged because my sister uses green love hearts and the phisherman used red 💔 Shout out to Lloyds bank who smelled a RAT 🐀
It’s Friday, folks, which can only mean one thing… It’s time for our weekly segment!
It goes by many names. Patch of the Week, Tweak of the week. Okay, that’s it.
Congrats, the cybercriminals are no match… for your patch! 🩹🩹🩹
Check out these freshly hatched patches 🐣🐣🐣
🚨 Critical WordPress Security Update! Version 6.4.2 is Here! 🚨
Heads up, WordPress users! The latest release, version 6.4.2, is a must-install for a crucial security patch. 😱 This update addresses a vulnerability that, when combined with another bug, could empower threat actors to execute harmful PHP code on vulnerable sites. The risk is particularly high for multisite installations and certain plugins. Take action now, update your WordPress to 6.4.2, and keep your website secure! 🔒✅
The old updates compared to the new? Apples and oranges 🍎🍊😉
🍏🔒 Apple's Security Boost! 🚀
Apple just released crucial updates for iOS, iPadOS, macOS, tvOS, watchOS, and Safari. iOS 17.2 and iPadOS 17.2 fix 12 vulnerabilities, including a critical Bluetooth flaw. Safari 17.2 addresses WebKit issues. Additional security features include a Siri bug fix and iMessage privacy upgrade. Update now for a fortified Apple experience! 📱💻
Now, on to today’s hottest cybersecurity stories:
🔮 Busting the myths: Cyber threats to healthcare 🩺
👤 MrAnon malware targets Germans via bookings 📒
💼 Recruiters targeted by devious phishing malware 🎣
Ever wondered which is more valuable on the dark web: a credit card number, a social security number, or an Electronic Health Record (EHR)? Surprisingly, it's the EHR, fetching up to $1,000, highlighting why healthcare remains a prime target for cybercriminals. With ransomware as a major threat, the sector faces challenges from high digitalization, resource constraints, and high stakes, leading to an average breach cost exceeding $10 million.
In this landscape, understanding cybercriminal tactics is crucial. Despite increased organisation, they still exploit human errors and "low-hanging" vulnerabilities. An alarming trend is the exposure of secrets on platforms like GitHub, with 10 million leaked in 2022 alone, posing significant security risks.
To fortify against breaches, healthcare organisations should adopt continuous vigilance. Automated monitoring of digital footprints, like GitHub attack surface audits, and proactive measures such as honeytokens can significantly enhance cybersecurity. As technology evolves, staying ahead with the latest security technologies and fostering a culture of security awareness is key for the healthcare industry. 💪🏥🔐
The best eye and brain candy curated from all corners of the web
No news. No politics. No BS.
Just the good stuff
Watch out! A recent phishing campaign is unleashing the MrAnon Stealer, a Python-based malware disguised in booking-themed PDF lures. 💼🔍 This crafty stealer, compressed with cx-Freeze to dodge detection, snatches victims' credentials, system info, browser sessions, and even cryptocurrency extensions. 😱💳
Germany seems to be the bullseye as of November 2023, with evidence pointing to it being the primary target. 🇩🇪🎯 The phishing email poses as a hotel room booking company, tricking victims into opening a PDF that prompts a fake Adobe Flash update. The result? Execution of .NET executables and PowerShell scripts, leading to a malicious Python script. This script not only gathers data but also sends it to a public file-sharing site and the threat actor's Telegram channel. 📤🕵️♂️
MrAnon Stealer is up for grabs for $500/month, signalling a strategic shift from Cstealer in July and August to MrAnon Stealer in October and November. 😈💰 Stay vigilant against phishing emails as cyber threats continue to evolve! 🔒✨
Learn AI in 5 minutes a day. We'll teach you how to save time and earn more with AI. Join 400,000+ free daily readers for trending tools, productivity boosting prompts, the latest news, and more.
Attention recruiters! 🕵️♂️ Proofpoint issues a red alert about threat actor TA4557 deploying malware through cleverly crafted emails. Known for distributing the More_Eggs backdoor, this financially motivated actor has shifted tactics, replying to job listings and now targeting recruiters directly. 😱💼
In the latest attack, TA4557 uses direct emails with URLs to fake candidate resumes or attachments with instructions to visit a bogus resume website. 📬🌐 Recipients are tricked into downloading a zip file containing a shortcut file (LNK), leading to the deployment of the More_Eggs backdoor using "living-off-the-land" techniques.
Recruiters are urged to update user awareness training to counter this evolving threat, especially as TA4557 builds trust before delivering malicious content. The group constantly changes sender emails, fake resume domains, and infrastructure, making detection challenging. Stay vigilant and keep your defences updated! 🔍🔐
🗞️ Extra, Extra! Read all about it! 🗞️
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.
Libby Copa: The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.
Techspresso: Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)
Let us know what you think.
So long and thanks for reading all the phish!
🌵 CACTUS ransomware exploits flaws in Qlik Sense 💻