
Habdul Hazeez


Security news weekly round-up - 1st January 2021


This week it's mostly about malware.

2020 had its share of memorable hacks and breaches. Here are the top 10

The year 2020 was a memorable one. Multiple sectors were affected by the COVID-19 pandemic (and still are), but that does not mean hackers went on vacation.

The article lists some of the hacks and breaches that occurred during the year, which affected multiple big names in the tech industry, such as Twitter, Nintendo, and FireEye.

Some hacks include:

GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic

When I read that article title, I had one thing in mind: Human beings are crafty creatures.

The malware uses Word files that download a PowerShell script from GitHub, which in turn downloads a legitimate image from Imgur to decode the Cobalt Strike payload.

Multi-platform card skimmer found on Shopify, BigCommerce stores

The advancement in technology has led to advancement in attacks against these technologies. Furthermore, the article title is a good summary of the article itself.

Excerpt from the article:

This new skimmer (also known as a Magecart script) can also abuse hosted e-commerce systems such as Shopify and BigCommerce, as researchers at Dutch cyber-security company Sansec found, even though they do not provide support for custom checkout pages scripts.

It does that by displaying a fake payment page before the customers land on the real checkout form and using a keylogger to intercept payment and personal information.

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

Kindly ignore the typo in the article's title 🤭.

Excerpt from the article:

Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially steal screenshots of sensitive Google Docs documents simply by embedding them in a malicious website.

The flaw was discovered on July 9 by security researcher Sreeram KL, for which he was awarded $3133.70 as part of Google's Vulnerability Reward Program.

Ransomware Is Headed Down a Dire Path

It's a long read, but please find time out of no time to read it.

Excerpt from the article:

Ransomware has been around for decades, and it's a fairly straightforward attack: Hackers distribute malware that mass-encrypts data or otherwise blocks access to a target's systems, and then demand payment to release the digital hostages. It's a well-known threat, but one that's difficult to eradicate—something as simple as clicking a link or downloading a malicious attachment could give attackers the foothold they need.

AutoHotkey-Based Password Stealer Targeting US, Canadian Banking Users

One word: Stay safe. (two words actually 🙃)

Excerpt from the article:

AutoHotkey is an open-source custom scripting language for Microsoft Windows aimed at providing easy hotkeys for macro-creation and software automation that allows users to automate repetitive tasks in any Windows application.

Customers of financial institutions in the US and Canada are among the primary targets for credential exfiltration, with a specific focus on banks such as Scotiabank, Royal Bank of Canada, HSBC, Alterna Bank, Capital One, Manulife, and EQ Bank. Also included in the list is an Indian banking firm ICICI Bank.

New warning issued over COVID‑19 vaccine fraud, cyberattacks

The title says it all. Please read it.

Excerpt from the article:

The warning notes that “cybercriminals, including ransomware operators, will continue to exploit the COVID-19 pandemic alongside legitimate efforts to develop, distribute, and administer vaccines”. With that in mind, FinCEN urged banks and other financial institutions to keep an eye out for ransomware targeting vaccine distribution and the supply chains required to manufacture the vaccines.


Cover photo by Jazmin Quaynor on Unsplash.


This is the first article in this series for the year 2021; therefore, Happy New Year wherever you might be. Thanks for reading.

That's it for this week. I'll see you next Friday.
