Microsoft customer data leaked? – Cyber Security News 21-10-2022

Cyberspace is getting denser and keeps growing in all areas, so technology has to improve day by day. This is one reason why cyber security news matters so much in the world today. Here are the top 10 cyber security news items.

Top 10 Cyber Security News

1. Hackers targeted online casinos using the Gameplayer framework malware.

  • Chinese threat actors named DiceyF have been targeting online casinos with framework malware since November 2021.
  • The Gameplayer framework, a C++-based malware, was used in these attacks. According to researchers, money is not the attackers' main target.
  • Some of the payload features are plugins, remote access modules, keyloggers, malware launchers, and more.

2. 16 apps were infected by the clicker malware.

  • 16 malicious apps were infected by clicker malware. These apps were downloaded over 20 million times.
  • The apps included a smart task manager, high-speed camera, flashlight+, K-dictionary, Busan bus, quick notes, currency converter, joy code, Instagram profile downloader, Ez notes, and some more.
  • This malware seems to be harmless, but once downloaded it executes on the victim’s system and runs without the user’s knowledge.

3. Microsoft customers’ data was leaked.

  • Microsoft said that its customers’ data was leaked over the internet through an unintentional misconfiguration error. On September 24, SOCRadar, a threat intelligence firm, informed them of the data leak.
  • They also said that the leaked customer data has not been compromised and that customers were being notified regarding the breach.
  • The information includes names, email addresses, phone numbers, company names, and transactions between the victim and Microsoft.

4. More than 60 people are targeted using a PowerShell backdoor.

  • Threat actors use a PowerShell backdoor to exfiltrate data from the victim’s machine. At first, this malicious backdoor seems to be harmless to the VirusTotal scanning services.
  • The malicious document arrives under the name of an application form (“.docm”) and seems to be a document coming from LinkedIn for applying for jobs.
  • This document contains two PowerShell scripts, Script.ps1 and Temp.ps1. Both scripts were identified by SafeBreach. Script.ps1 connects to the attacker’s C2, whereas Temp.ps1 decodes the command.

5. A vulnerability was found in the Apache Commons Text library.

  • Some people are worried that the new Apache Commons Text RCE vulnerability will turn into the next Log4Shell, but research says that it is not that critical.
  • Apache Commons Text is an open-source Java library used to decode, generate, modify, and escape strings.
  • The developers of the Apache open-source library are asking users to update to Apache Commons Text 1.10.0.

6. BlackByte ransomware is targeting victims with new extortion tactics.

  • BlackByte ransomware released a new data leak site on hacker forums. They named this operation BlackByte version 2.0.
  • They have been working on this operation since July 2021. The group is using the same key to encrypt the files of all its victims.
  • Their new extortion tactics allow victims to pay $5000 to extend the publishing time by 24 hours, $200,000 to download the data, and $300,00 to destroy all the data.

7. URSNIF malware is shifting from banking trojan to backdoor.

  • URSNIF malware was stripped of its banking trojan functionality and emerged as a backdoor, so its main focus became distributing ransomware.
  • It came to light on June 23, 2022. The threat actors deliver this variant via phishing emails pretending to be legitimate ones.
  • Whoever visits these malicious sites is required to verify the CAPTCHA code for this variant to execute. This variant connects to the C2 server using the RSA key.

8. Health system data breach hits 3 million patients.

  • Advocate Aurora Health suffered a data breach that exposed nearly 3 million patients’ personal data. This was due to the Meta Pixel on the AAH website.
  • Information includes medical provider information, proxy account information, insurance, medical record number, and more.
  • Patients are requested to use incognito mode when logging into the AAH portal.

9. Two men were sentenced to 2 years for cryptocurrency threat.

  • Meiggs and Harrington were the two men who were sentenced to more than 2 years for death threats, cryptocurrency threats, and SIM swapping.
  • They hacked into victims’ accounts to get their cryptocurrency. They were charged in November 2019 for death threats and SIM swapping.
  • These two had stolen nearly $330,000 in cryptocurrency from 10 victims.

10. Redline stealer spreads via a phishing site.

  • Redline stealer, a low-cost password stealer, was spreading through an online file converter named “Convertio”. Convertio converts files into images, e-books, audio, and video.
  • After converting the file, users are asked to download it. During the download, the malicious file also gets downloaded.
  • These downloaded files are named 2.bat and 3.bat and, once run, change the file extension to .exe and .bat.


That’s it: these are the top 10 cyber security news items of the day. Take a look at this list and expect it to be updated daily at around noon. Until then, stay tuned, folks.
