Cyber Security News – January 2023

January 30, 2023

Topic of the Month
Zero Click Attack

Zero-click attacks are a type of targeted cyber attack that can be carried out without the need of user interaction. In a zero-click attack, attackers often deliver specially crafted malicious code, such as a hidden text message or image file, to their target through applications that provide messaging or voice calls. Malicious code that exploits vulnerabilities in the operating system or application can become active without the need of any user interaction.

News of the Month
New Remote Access Trojan Horse Gigabud RAT

Cyber Attackers is deploying a new Remote Access Trojan called Gigabud that impersonates government agencies, financial institutions, and other organizations from Thailand, Peru, and the Philippines.

Gigabud uses a server-side verification process to ensure that the mobile phone number entered during registration is legitimate. The malware sends a fake credit agreement to the victim from the sign-in screen and asks them to verify the information.

Investigators have revealed that when users install a malicious app on their devices in connection with this attack, they display a legitimate-looking login screen that asks them to enter their mobile phone number and password..

Tip of the Month
How to Protect Ourselves from a Zero-Click Attack

  • Do not use devices that are not supported by the manufacturer.
  • Keep your device’s operating system and apps up to date.
  • Do not jailbreak or root your device.
  • Use only apps from official stores.
  • Use strong passwords.
  • Use two-factor authentication.
  • Store your passwords only in secure password wallets.
  • Uninstall apps you don’t use on your mobile device or computer.