In the Spotlight this Week:
- Chinese Hackers Used ScanBox Framework in Recent Cyber Espionage Attacks
- Severe TikTok Android App Flaw Allowed Account Hijacking
- Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations
- Privacy Commissioner Closes Probe into RBNZ Cyber Defenses
- New Cyber Security Center to Protect NSW Police Network
Researchers have found a high-severity vulnerability in two versions of the TikTok Android app that allows hackers to send messages and to access and upload videos without users' knowledge. The two affected versions are regional builds: one meant for East and Southeast Asia, the other for the rest of the world. To exploit the vulnerability, attackers need only deploy a tailor-made malicious link, after which they can access a trove of personal data.
Iranian state-sponsored threat actors are exploiting unpatched systems running Log4j to target Israeli entities, indicating the vulnerability’s long tail for remediation. The threat group, tracked as MuddyWater (aka Cobalt Ulster, Mercury, Seedworm, or Static Kitten), is linked to the Iranian intelligence apparatus, the Ministry of Intelligence and Security (MOIS). After compromising target devices, the actor deploys web shells to execute commands that allow it to conduct reconnaissance, establish persistence, steal credentials, and facilitate lateral movement.
New Zealand’s Privacy Commission has closed a probe into the Reserve Bank of New Zealand’s (RBNZ) cyber defenses, following a breach in December 2020. The RBNZ was the victim of a cyber attack on a third-party file-sharing application used to share and store information. The Office of the Privacy Commissioner had issued a notice to the RBNZ for not meeting its obligations under the Privacy Act, but has since closed the compliance notice after gaining confidence that the RBNZ has made every recommended change to its privacy and cyber defenses and more.
A new Cyber Security Operations Center has been launched in a joint project led by the NSW Police Force and Cyber Security NSW. The center aims to safeguard the NSW Police Force systems from terrorists, organised criminal networks and hackers, and will have a frontline tactical team of fifteen analysts and engineers working seven days a week. The NSW Police Force holds a significant amount of sensitive data on local, national, and international criminal investigations, and this information could be highly valuable to criminals.