Wed. Apr 13, 2022


Russian Cyberattack against Ukrainian Power Grid Prevented

Schneier on Security

A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used. Key points: ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company. The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two weeks. The attack used ICS-capable malware and regular disk wipers for Windows, Linux and Solaris operating systems. We assess with high confidence that the

Malware 291

Microsoft Patch Tuesday, April 2022 Edition

Krebs on Security

Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National Security Agency (NSA). Of particular concern this month is CVE-2022-24521, which is a “privilege escalation” vulnerability in the Windows common log file system driver.

DNS 241

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

Cyberattacks preceded Russia’s invasion of Ukraine, and these attacks continue today as the war unfolds. As the United States and other nations condemn Russia’s actions, the odds of Russian cyber actors targeting the U.S., allied countries, and businesses steadily increase. Related: Cyber espionage is in a Golden Age. These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technic


CISA adds 8 known security vulnerabilities as priorities to patch

Tech Republic Security

The new vulnerabilities are being actively exploited, prompting CISA to advise federal agencies and organizations to patch them in a timely manner. The post CISA adds 8 known security vulnerabilities as priorities to patch appeared first on TechRepublic.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Steer clear of this “TestNTrace” SMS spam

Malwarebytes

Yesterday I received an SMS from “TestNTrace”, with the message resembling an official NHS communication: The text reads as follows: NHS: You’ve been in close contact with a person who has contracted the Omicron variant. Please order a test kit via: [URL redacted]. Well, that’s an alarming thing to wake up to. However, not everything is as it first seems.

Scams 131

Supply chain cyberattacks jumped 51% in 2021

Tech Republic Security

A study published by NCC Group shows what businesses need to be aware of when attempting to prevent cyber attacks. The post Supply chain cyberattacks jumped 51% in 2021 appeared first on TechRepublic.

More Trending


Millions of Endpoints Affected by Critical HP Teradici PCoIP Vulnerabilities

Heimdal Security

American multinational information technology company HP has issued an alert regarding new critical security weaknesses in the Teradici PCoIP client and agent for Windows, Linux, and macOS, which affect 15 million endpoints. According to the personal computers (PCs), printers, and related supplies developer, Teradici is impacted by the recently reported OpenSSL certificate parsing vulnerability that […].


CVE-2021-31805 RCE bug in Apache Struts was finally patched

Security Affairs

Apache addressed a critical flaw in Apache Struts RCE that was linked to a previous issue that was not properly fixed. Apache Struts is an open-source web application framework for developing Java EE web applications. The Apache Software Foundation urges organizations to address a vulnerability, tracked as CVE-2021-31805, affecting Struts versions ranging 2.0.0 to 2.5.29.

Software 131

Russia Is Leaking Data Like a Sieve

WIRED Threat Level

Ukraine claims to have doxed Russian troops and spies, while hacktivists are regularly leaking private information from Russian organizations.


Hackers exploit critical VMware CVE-2022-22954 bug, patch now

Bleeping Computer

Security researchers have published various proof-of-concept (PoC) scripts for exploiting CVE-2022-22954 on social media and other channels, essentially enabling malicious actors to attack unpatched systems. […]

Media 134

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


ESET takes part in global operation to disrupt Zloader botnets

We Live Security

ESET researchers provided technical analysis, statistical information, and known command and control server domain names and IP addresses. The post ESET takes part in global operation to disrupt Zloader botnets appeared first on WeLiveSecurity.


U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware

The Hacker News

The U.S. government on Wednesday warned of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices. "The APT actors have developed custom-made tools for targeting ICS/SCADA devices," multiple U.S. agencies said in an alert.

Malware 123

Microsoft has taken legal and technical action to dismantle the Zloader botnet

Security Affairs

Microsoft’s Digital Crimes Unit (DCU) announced that it had shut down dozens of C2 servers used by the infamous ZLoader botnet. Microsoft dismantled the C2 infrastructure used by the ZLoader trojan with the help of telecommunications providers around the world and cybersecurity firms. The IT giant obtained a court order that allowed it to sinkhole 65 domains used by the ZLoader operators along with an additional 319 currently registered DGA domains. “Today, we’re announcing that Microsoft’

Banking 113

Feds Uncover a ‘Swiss Army Knife’ for Hacking Industrial Systems

WIRED Threat Level

The malware toolkit, known as Pipedream, is perhaps the most versatile tool ever made to target critical infrastructure like power grids and oil refineries.

Hacking 123

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


April’s Patch Tuesday update includes fixes for two zero-day vulnerabilities

Malwarebytes

It’s that time of the month again. Time to check what needs to be updated and prioritize where necessary. The Microsoft updates include at least two zero-day vulnerabilities that deserve your attention. Microsoft has released security updates and non-security updates for client and server versions of its Windows operating system and other company products, including Microsoft Office and Edge.


New EnemyBot DDoS botnet recruits routers and IoTs into its army

Bleeping Computer

A new Mirai-based botnet malware named Enemybot has been observed growing its army of infected devices through vulnerabilities in modems, routers, and IoT devices, with the threat actor operating it known as Keksec. […]

IoT 116

Do I Need Antivirus App On Android Phone?

SecureBlitz

Do I need antivirus app on Android phone? Read on for the answer. Antivirus apps are known to provide extra layers of security to computer devices like Android and other operating systems. However, you might be wondering if you really need them on an Android phone. Android is one of the most popular operating systems. The post Do I Need Antivirus App On Android Phone?

Antivirus 110

NGINX zero-day vulnerability: Check if you’re affected

Malwarebytes

On April 9, hacking group BlueHornet tweeted about an experimental exploit for NGINX 1.18 and promised to warn companies affected by it. On April 10, BlueHornet claimed to have breached the China branch of UBS Securities using the NGINX vulnerability. All we learned on Twitter was that a new zero-day vulnerability in the NGINX web server existed and had been publicly revealed.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.


At a Glance: PCI DSS v4.0

PCI perspectives

PCI Data Security Standard (PCI DSS) is a global standard that provides a baseline of technical and operational requirements designed to protect account data. The next evolution of the standard, PCI DSS v4.0, is now available.


Hacking Forum RaidForums Shut Down

Heimdal Security

The RaidForums hacker site was largely used by cybercriminals to acquire and sell stolen datasets. The forum represented a database sharing and marketplace forum that offered exclusive database breaches and leaks as well as an active marketplace. What Happened? As a result of Operation TOURNIQUET, a sophisticated law enforcement operation coordinated by Europol to assist […].

Hacking 105

Feds Shut Down RaidForums Hacking Marketplace

Threatpost

The DoJ is charging its founder, 21-year-old Portuguese citizen Diogo Santos Coelho, on six criminal counts, including conspiracy, access device fraud and aggravated identity theft.


How to Protect Yourself from Rental Scams

Identity IQ

Competition grows fiercer by the day in the nation’s hottest housing markets, and that translates to a competitive rental market as well. But this uptick in demand for apartments and rental homes has resulted in a tighter rental market, opening the door for scammers preying on the desperate. In fact, the Better Business Bureau warns renters to beware of scammers posing as landlords in a bid to steal cash and personal information by posting f

Scams 105

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.


China-linked Hafnium APT leverages Tarrask malware to gain persistence

Security Affairs

The China-linked Hafnium APT group started using a new piece of malware to gain persistence on compromised Windows systems. The China-backed Hafnium cyberespionage group is likely behind a piece of new malware, dubbed Tarrask, that’s used to maintain persistence on compromised Windows systems, reported Microsoft Threat Intelligence Center (MSTIC) experts.

Malware 106

Types of Hackers and Examples – Introduction to CyberSecurity

Security Boulevard

Types of hackers are defined based on how they perform operations and their intentions. In the early days, cybercriminals were enthusiasts who enjoyed testing complete functionality from different perspectives, much like Kevin Mitnick, a famous hacker who enjoyed what he was doing. But nowadays hackers have become very dangerous. They mainly find vulnerabilities to gain.


Is ZoanCash Legit Or A Scam? [Unbiased ANSWER]

SecureBlitz

Is ZoanCash legit or a scam? Read on for the unbiased answer. Almost everyone is looking for a way to make money online and some of them rely on get-paid-to sites. These sites tell you to perform simple online tasks to get money. ZoanCash is one of these websites and their offer is mouth-watering. They. The post Is ZoanCash Legit Or A Scam? [Unbiased ANSWER] appeared first on SecureBlitz Cybersecurity.

Scams 103

Critical flaw in Elementor WordPress plugin may affect 500k sites

Bleeping Computer

The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites. […]


ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?


Do I Need Antivirus App On iPhone? [Here’s The ANSWER]

SecureBlitz

Do I need Antivirus app on iPhone? Read on for the answer. To protect your files and data, it is mostly recommended to get an antivirus app on any device. If you use your iPhone to check social media or email, make bank transactions on websites or mobile apps, send texts, store contacts or take. The post Do I Need Antivirus App On iPhone? [Here’s The ANSWER] appeared first on SecureBlitz Cybersecurity.

Antivirus 102

US cryptocurrency coder gets 5 years for North Korea sanctions busting

Naked Security

Cryptocurrency expert didn't take "No" for an answer when the US authorities said he couldn't pursue cryptocoin opps in North Korea.


Do I Need Antivirus App On iPad? [Here’s The ANSWER]

SecureBlitz

Do I need Antivirus app on iPad? Read on as I answer the question. The iPad has a lot of features that make it unique and it is perfect for just about any task, which makes it desirable to a lot of people. It can be used for a lot of tasks that involve you. The post Do I Need Antivirus App On iPad? [Here’s The ANSWER] appeared first on SecureBlitz Cybersecurity.


Russian Hackers Tried Attacking Ukraine's Power Grid with Industroyer2 Malware

The Hacker News

The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday disclosed that it thwarted a cyberattack by Sandworm, a hacking group affiliated with Russia's military intelligence, to sabotage the operations of an unnamed energy provider in the country.

Malware 100

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.