Cybercriminals are continuously looking for and developing new ways to disseminate malware, with the most recent option being through malicious advertisements. These malicious advertising, or malvertising campaign are used to spread .NET loaders, known as MalVirt, that deploy information-stealing malware unto unsuspecting devices. Malvertising is a relatively recent hacking strategy that embeds harmful malware in digital advertisements. Almost every internet user is vulnerable to infection.
In a concerning development, cyber criminals have intensified their focus on the general public through sim-swap attacks. Notably, a recent instance involved a remarkably advanced cyber threat actor who successfully carried out a "SIM swapping" attack. The attack was directed at a T-Mobile US, Inc. account linked to an employee of Kroll, demonstrating the growing sophistication of these malicious activities. This incident underscores the urgency of cybersecurity awareness and protection against emerging threats.
Multiple high-severity vulnerabilities in the CODESYS V3 software development kit (SDK) were recently discovered by Microsoft's cyberphysical system experts. The researchers were able to trigger a buffer overflow in a variety of industrial control system devices, revealing a number of vulnerabilities in the process. These flaws could result in a denial of service (DoS) or remote code execution (RCE) attacks.
Cyber threat actors are focusing their efforts on Android users through a technique referred to as "versioning." This involves evading the malware checks of the Google Play Store by introducing a clean version of the app during the initial security validation. Subsequently, after the app passes the initial checks and is made available on the Play Store, these actors later inject the app with malicious code through updates.
![[THREAT ALERT]: PLANNED ATTACKS ON NATION’S CRITICAL INFORMATION INFRASTRUCTURES BY “ANONYMOUS SUDAN” HACKING GROUP AGAINST NIGERIA](https://cert.gov.ng/ngcert/images/alerts-advisories/threat-alert-sm.jpg)
Anonymous Sudan on the 1st of August, 2023 announced via their Telegram channel of planned cyber attacks against critical information infrastructures in Nigeria, following Nigeria’s role and involvement in ECOWAS recent directives to the Niger Military in the process of restoring power to the democratically elected government of Niger Republic.
