News

Hyundai data breach and Microsoft’s warning to accountants

Dan Virgillito
April 17, 2023 by
Dan Virgillito

Hyundai data breach exposes sensitive customer data, Microsoft warns accountants of phishing near Tax Day and the Goldoson Android malware. Catch all this and more in this week’s edition of Cybersecurity Weekly.

Phishing simulations & training

Phishing simulations & training

Build the knowledge and skills to stay cyber secure at work and home with 2,000+ security awareness resources. Unlock the right subscription plan for you.

1. Hyundai data breach compromises details of Italian and French car owners

Hyundai recently disclosed a data breach impacting car owners in Italy and France. The attackers managed to spoof personal data, including physical addresses, email IDs, telephone numbers, and vehicle chassis numbers. Notably, no financial data or identification numbers were stolen. In response, Hyundai has taken impacted systems offline and engaged IT experts to implement additional security measures. Customers are warned to be cautious of unsolicited emails and texts claiming to be from Hyundai, as they could be phishing attempts.

Read more »

2. Microsoft warns accountants of phishing as U.S. Tax Day looms

Microsoft has warned accountants of cybercriminals leveraging the U.S. Tax Day deadline on April 18. Accounting and tax preparation firms are being targeted in a malware campaign disguised as client emails. The emails contain links to download password-protected PDFs, which initiate the download of malicious content, including the Remcos Remote Access Trojan (RAT). This allows hackers to potentially gain unauthorized access to victims' computers and networks. Companies are urged to implement layered defense, patch vulnerabilities and follow safe computing practices to mitigate the risks.

Read more » 

3. Android malware piggybacks on 60 legitimate apps with 100M downloads

An Android malware called Goldoson has infiltrated 60 Google Play apps with 100 that collectively have 100 million installs. The malware is part of a third-party library unknowingly added by developers to their apps. Goldoson is capable of collecting data on Wi-Fi and Bluetooth-connected devices, and GPS locations, as well as performing ad fraud by clicking ads in the background without user consent. While many impacted apps have been cleaned or removed from Google Play, the risk remains as Goldoson may also be present in third-party Android app stores. Users should be vigilant for signs of adware and malware infection, such as device overheating, quick battery drainage and unusually high data usage.

Read more »

4. Ransomware attack prompts Yum! Brands to disclose a data breach

Yum! Brands, the US-based fast-food giant behind beloved chains like KFC, Pizza Hut and Taco Bell, fell victim to a cyberattack on January 18, 2023. The malicious actor gained unauthorized access to Yum! Brands' network, resulting in the temporary closure of approximately 300 UK restaurants. Swift action was taken with Yum! Brands locking down affected systems and notifying law enforcement. The company has reassured that there is no evidence of identity theft or fraud with the stolen data, and customer information remains unaffected. Also, it doesn’t expect any significant impact on its business or financial results, as stated in a report filed with the U.S. Securities and Exchange Commission.

Read more »

5. Hackers selling Python-based credential harvester on Telegram

Legion, a new Python-based credential harvester and hacking tool, is being promoted on Telegram as a means for threat actors to exploit online services. It resembles AndroxGh0st malware and targets vulnerable SMTP servers, conducts remote code execution attacks and exploits unpatched Apache versions. It retrieves credentials for email providers, cloud services and payment platforms. Legion also exploits PHP vulnerabilities for web shell access and delivers SMS spam messages to U.S. mobile networks. The threat actor behind Legion remains unknown, and users of vulnerable web server technologies are urged to review security processes.

Read more »

See Infosec IQ in action

See Infosec IQ in action

From gamified security awareness to award-winning training, phishing simulations, culture assessments and more, we want to show you what makes Infosec IQ an industry leader.

Dan Virgillito
Dan Virgillito

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.