AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 02/09/2022

Microsoft plans to kill malware delivery via Office macros

Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware. Using VBA macros embedded in malicious Office documents is a very popular method to push a wide range of malware families in phishing attacks, including Emotet, TrickBot, Qbot, and Dridex. “This change only affects Office on devices running Windows and only affects the following applications: Access, Excel, PowerPoint, Visio, and Word,” the Microsoft Office Product Group said today.


Overview of the Pharmaceutical Industry Threat Landscape

The pharmaceutical industry gained significant attention with the outbreak of the coronavirus (COVID-19) crisis. At the onset of the pandemic, demand from the pharmaceutical industry increased due to the need for COVID-19 treatment medication and prevention kits. The pharmaceutical industry endured a major shift in the threat landscape compared to the early stages of the pandemic from March 2020 to September 2021. Advanced Persistent Threat (APT) groups and cyber criminals targeted pharmaceutical companies to steal highly sensitive information, such as drug formulas and COVID-19 research and development data, which are extremely valuable to cyber criminals for financial gain, to nation-state-backed actors to support their political agenda, and to hacktivists to support their cause of economic or social awareness.


Meta threatens to pull Instagram and Facebook in Europe over privacy laws, regulators say ‘please do’

In a new regulatory filing this month, Facebook parent company Meta renewed its threats to pull both Facebook and Instagram in the European Union over privacy laws. Regulators in the EU, however, have quickly called Meta’s bluff, and even went as far as to say that “life is very good without Facebook and that we would live very well without Facebook.” The context here is important. As Bloomberg explains, the United States and the European Union are stuck in negotiations over plans to “replace a transatlantic data transfer pact that thousands of companies relied on.” This pact, however, was struck down by the EU Court of Justice in 2020 “over fears citizens’ data isn’t safe” once it’s transferred to the United States.


Washington Warns of POLARIS Breach

The Washington State Department of Licensing (DOL) has shuttered its Professional Online Licensing and Regulatory Information System (POLARIS) after detecting suspicious activity. POLARIS stores information about license holders and applicants. The type of information varies for different licenses and may include Social Security numbers, dates of birth, driver license numbers and other personally identifying information (PII). In a statement posted to its website, the DOL said it became aware of unusual goings-on involving professional and occupational license data during the week commencing January 24, 2022. The decision was taken to shut down POLARIS as a precaution while the activity was investigated. The department said the Washington Office of Cybersecurity was assisting in the safe recovery of the system and in the investigation to determine whether a data breach had occurred.


Chinese telecom Hytera charged for allegedly recruiting Motorola employees to steal trade secrets

A Chinese telecommunications firm has been indicted over an alleged insider operation aimed at stealing trade secrets belonging to Motorola. The US Department of Justice (DoJ) said on Monday that Hytera Communications Corp “recruited and hired Motorola Solutions employees and directed them to take proprietary and trade secret information from Motorola without authorization.” According to the indictment, unsealed in the Northern District of Illinois, Motorola and Hytera both moved from the sale of analog mobile radios (walkie-talkies) to digital mobile radios (“DMRs”) after a 2004 announcement by the US Federal Communications Commission (FCC) that vendors must make the shift by 2013.


Cyberattack brings down Vodafone Portugal mobile, voice, and TV services

Vodafone Portugal said today that a large chunk of its customer data services went offline overnight following “a deliberate and malicious cyberattack intended to cause damage and disruption.” The company’s 4G and 5G mobile networks, along with fixed voice, television, SMS, and voice/digital answering services are still offline following the attack. “We have already recovered mobile voice services and mobile data services are available exclusively on the 3G network in almost the entire country but, unfortunately, the scale and seriousness of the criminal act to which we were subjected implies careful and prolonged work for all other services,” the company said in a statement published earlier today. Vodafone said it’s working on restoring the remaining services throughout the day, with the help of local and international teams in what currently is the largest cybersecurity incident the company has ever dealt with. The company also said it’s working with authorities to investigate the incident and that based on current evidence, customer data doesn’t appear to have been accessed or compromised.


Apple empowers businesses to accept contactless payments through Tap to Pay on iPhone

Apple today announced plans to introduce Tap to Pay on iPhone. The new capability will empower millions of merchants across the US, from small businesses to large retailers, to use their iPhone to seamlessly and securely accept Apple Pay, contactless credit and debit cards, and other digital wallets through a simple tap to their iPhone — no additional hardware or payment terminal needed. Tap to Pay on iPhone will be available for payment platforms and app developers to integrate into their iOS apps and offer as a payment option to their business customers. Stripe will be the first payment platform to offer Tap to Pay on iPhone to their business customers, including the Shopify Point of Sale app this spring. Additional payment platforms and apps will follow later this year.
