DXC Security Threat Intelligence Report

Stay up to date on the latest threats, vulnerabilities and nation-state activities.

Mark Hughes, president of Security, DXC

Are we there yet? 4 ways to make faster inroads against cybercrime

We are making progress on the cybersecurity front but we still have a ways to go. Here are four ways companies can move forward faster.

THREAT UPDATE

Python developers – beware of typos

More than two dozen Python packages are pushing malware to software developers through typosquats.

THREAT UPDATE

Watch out for malware on major U.S. news sites

More than 250 newspaper sites across the U.S. may be inadvertently directing users to malicious browser updates.

THREAT UPDATE

Phishing campaign targets Dropbox

A phishing campaign defeated multifactor authentication (MFA) to breach a Dropbox GitHub account.

By the numbers

97%

of ransomware attacks targeted backup repositories and 75% of those were successful

1 in 5

organizations that did NOT pay ransom were able to recover their data anyway

$76 billion

of illegal cyber activities involve Bitcoin

15 million

data records exposed worldwide through data breaches in Q3 2022

$6 trillion

in total damage by cyberattacks in 2022

VULNERABILITY

OpenSSL releases patches for two vulnerabilities

OpenSSL has released patches for vulnerabilities affecting X.509 certificates in email address buffer overflows.

NATION THREAT

State-sponsored Chinese hackers target Japan

Chinese APT Stone Panda uses antivirus software to install new custom backdoor malware in Japanese organizations.

NATION THREAT

FBI warns of potential Chinese TikTok espionage

The U.S. FBI director says Chinese authorities could use TikTok to control data collection on millions of users.

Subscribe now

Subscribe for the latest threat updates.

VULNERABILITY

Outdated Zabbix monitoring tool exploited

Hackers compromised an outdated Zabbix instance to access a portion of the network of a U.S.-based company.

NATION THREAT

Iran-sponsored hackers attack federal network

Iranian government-sponsored attackers leveraged Log4Shell to install crypto mining software in the U.S. Federal Civilian Executive Branch.

VULNERABILITY

Amazon RDS leaks ‘treasure trove’ of PII

Mitiga researchers allege that hundreds of databases on Amazon Relational Database Services are exposing personal information.

VULNERABILITY

Patches for Zendesk Explore

Zendesk has patched a SQL injection vulnerability and logical access flaw in its reporting and analytics tool.

DXC Security Threat Intelligence Report

Get the latest threat updates

Protect your enterprise. Subscribe to DXC's monthly report on the latest threats, breaches, cybercrimes and nation-state activities.

Subscribe now

Other news

Rackspace attack may impact customers

The cloud computing provider warns customers of increased risks from phishing attacks following a ransomware attack on its hosted Microsoft Exchange environment.

Royal Ransomware targets healthcare orgs

The U.S. Department of Health and Human Services (HHS) reports multiple ransomware attacks on healthcare organizations from a new gang of experienced threat actors.

Ransomware kit wipes system data

A version of an open source ransomware toolkit called Cryptonite locks files with no option to decrypt them back, essentially acting as a destructive data wiper.

Three Android apps can be hacked remotely

Unpatched vulnerabilities in three popular Android apps with 2 million installs – Lazy Mouse, PC Keyboard and Telepad – allow a smartphone to be used as a remote keyboard and mouse.

SiriusXM lets hackers remotely unlock, honk and start cars

A now-patched vulnerability in the SiriusXM connected vehicle service exposes cars from Honda, Nissan, Infiniti and Acura to remote attacks via VINs.

PRK hackers lure with fake cryptocurrency apps

The North Korean government’s Lazarus Group leverages cryptocurrency apps to deliver a new version of AppleJeus malware through malicious Microsoft Office documents.

Rogue apps gain high-level access on Androids

Hackers are signing malicious apps with platform certificates from Samsung, LG, MediaTek and other Android smartphone vendors to gain OS-level privileges and harvest sensitive data.

Go-based malware targets Redis servers

Threat actors are exploiting a critical security vulnerability in Redis, an in-memory data structure store, to deploy new Redigo malware and likely build a botnet network.

BMC software flaws expose widely used servers

Three severe vulnerabilities in the American Megatrends MegaRAC Baseboard Management Controller (BMC) software impact AMD, ARM, HPE, Dell and other servers used by many cloud service and data center providers.

PRoot filesystems help hijack Linux devices

The open-source Linux PRoot utility in BYOF (Bring Your Own Filesystem) helps attackers create a consistent repository of malicious tools that work on many Linux distributions.

Android malware apps spotted on Google Play

A new set of Android malware, phishing and adware apps on Google Play pose as useful utilities and system optimizers but instead degrade performance and user experience.

Callback phishing campaigns expected to grow

Unit 42 expects telephone-oriented attack delivery (TOAD) phishing attacks to increase in popularity due to low per-target cost, low risk of detection and fast monetization

DXC Security Threat Intelligence Report

Are we there yet? 4 ways to make faster inroads against cybercrime

Python developers – beware of typos

Watch out for malware on major U.S. news sites

Phishing campaign targets Dropbox

OpenSSL releases patches for two vulnerabilities

State-sponsored Chinese hackers target Japan

FBI warns of potential Chinese TikTok espionage

Subscribe for the latest threat updates.

Outdated Zabbix monitoring tool exploited

Iran-sponsored hackers attack federal network

Amazon RDS leaks ‘treasure trove’ of PII

Patches for Zendesk Explore

Get the latest threat updates

Connect with DXC