Discord, Telegram Services Hijacked to Launch Array of Cyberattacks

Attackers are easily turning popular messaging apps and their associated services — like bots, cloud infrastructure, and CDNs — against users, researchers warn. [TechWeb]( Follow Dark Reading: [RSS]( July 27, 2022 LATEST SECURITY NEWS & COMMENTARY [Discord, Telegram Services Hijacked to Launch Array of Cyberattacks]( Attackers are easily turning popular messaging apps and their associated services — like bots, cloud infrastructure, and CDNs — against users, researchers warn. [LockBit 3.0: Significantly Improved Ransomware Helps the Gang Stay on Top]( Just ahead of its headline-grabbing attack on the Italian tax agency, the infamous ransomware group debuted an improved version of the malware featuring parts from Egregor and BlackMatter. [Economic Downturn Raises Risk of Insiders Going Rogue]( Insiders could become more vulnerable to cybercrime recruitment efforts, new report says. [Ducktail Spear-Phishing Campaign Uses LinkedIn to Hijack Facebook Business Accounts]( Ducktail targets marketing and HR professionals through LinkedIn to hijack Facebook accounts and run malvertising schemes. [The Beautiful Lies of Machine Learning in Security]( Machine learning should be considered an extension of — not a replacement for — existing security methods, systems, and teams. [How Risk-Based Vulnerability Management Has Made Security Easier]( Trying to remediate everything was never a winning strategy. RBVM is an approach that gets organizations better results with less effort. [Microsoft Tops Brands Phishers Prefer]( Wide use of Microsoft 365 applications by business lets phishers easily launch data theft, BEC, ransomware, and other attacks, new report finds. [(Sponsored Article) Flying Blind in Security Operations]( Too many organizations are STILL getting breached. Every day across large and small organizations, intrusions and breaches happen. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Rare 'CosmicStrand' UEFI Rootkit Swings into Cybercrime Orbit]( The firmware threat offers ultimate stealth and persistence — and may be distributed via tainted firmware components in a supply chain play, researchers theorize. [The Kronos Ransomware Attack: What You Need to Know So Your Business Isn't Next]( Identify your business's security posture and head off ransomware attacks with third-party risk management and vendor security assessments. [What Firewalls Can — and Can't — Accomplish]( Understanding the limitations of firewalls is important to protecting the organization from evolving threats. [MORE]( EDITORS' CHOICE [Supercharged Version of Amadey Infostealer & Malware Dropper Bypasses AVs]( Several threat actors used Amadey Bot previously to steal information and distribute malware such as the GandCrab ransomware and the FlawedAmmy RAT. LATEST FROM THE EDGE [Equitable Digital Identity Verification Requires Moving Past Flawed Legacy Systems]( Data science can be used to improve access to government assistance while reducing fraud. LATEST FROM DR TECHNOLOGY [AI Can Help Fintechs Fight Fraud-as-a-Service]( Artificial intelligence tools can help companies strike the right balance between preventing financial crime and maintaining customer service and satisfaction. WEBINARS - [Building and Maintaining an Effective Remote Access Strategy]( The COVID-19 pandemic transformed enterprises into remote workplaces overnight, forcing IT organizations to revamp their computing and networking strategies on the fly. Some of the changes were intended to be temporary, and some rules were adopted without thinking through all ... - [Building and Maintaining Security at the Network Edge]( Advances in networking and new technologies have expanded the possibilities of deploying applications at the network edge. These edge devices bring with them their own security management challenges and risks. How do you scale your security to manage the sheer ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Implementing Zero Trust In Your Enterprise: How to Get Started]( - [6 Elements of a Solid IoT Security Strategy]( - [Incorporating a Prevention Mindset into Threat Detection and Response]( - [Sumo Logic for Continuous Intelligence]( - [Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal]( - [AppSec Considerations For Modern Application Development]( - [Optimizing Endpoint Protection]( [View More White Papers >>]( FEATURED REPORTS - [Breaches Prompt Changes to Enterprise IR Plans and Processes]( - [Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal]( With attacks and breaches on the rise, enterprise security teams need full visibility over what they have in their network. DNS is a key tool for visibility and asset discovery. Proactive DNS-layer security - such as using DNS data to ... - [Rethinking Endpoint Security in a Pandemic and Beyond]( IT security teams are expending the concept of "endpoint security" as companies adjust to a distributed workforce. How much responsibility will enterprise IT take for the security of personal devices such as printers. How will they manage identities across multiple ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Norton Consumer Cyber Safety Pulse Report: Phishing for New Bait on Social Media]( [Siemens Energy Takes Next Step to Protect Critical Infrastructure]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Implementing Zero Trust In Your Enterprise: How to Get Started]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)