March 2022

School of Hard Knocks: Job Fraud Threats Target University Students

Timothy Kromphardt, Selena Larson, and Sam Scholten

https://www.proofpoint.com/us/blog/threat-insight/school-hard-knocks-job-fraud-threats-target-university-students

Excerpt:

“Proofpoint researchers regularly identify and block employment fraud threats that attempt to entice victims with an easy, work-from-home job. These threats disproportionately impact people at colleges and universities, especially students.”


Ukraine Suffers Significant Internet Disruption Following Cyber-Attack

James Coker

https://www.infosecurity-magazine.com/news/ukraine-internet-disruption-cyber/

Excerpt:

“Ukraine’s national telecommunications provider has been hit by a significant cyber-attack, leading to the “most severe” disruption to internet connectivity in the region since the start of the conflict with Russia.”


Beware of old and new tax-themed scams and schemes

Zeljka Zorz

https://www.helpnetsecurity.com/2022/03/28/tax-themed-scams/

Excerpt:

“April 18 marks the end of the 2022 US tax season and those individuals who are yet to file their taxes should get a move on.”


Feds allege destructive Russian hackers targeted US oil refineries

Andy Greenberg

https://arstechnica.com/tech-policy/2022/03/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries/

Excerpt:

“For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital intruders who attempted to sabotage industrial safety systems, with physical, potentially catastrophic results. Now the US Department of Justice has put a name to one of the hackers in that group—and confirmed the hackers' targets included a US company that owns multiple oil refineries.”


UK Teen Arrested in Lapsus Crackdown

Phil Muncaster

https://www.infosecurity-magazine.com/news/uk-teen-arrested-in-lapsus/

Excerpt:

“British police have arrested several young people in connection with the notorious Lapsus ransom attacks, including one 16-year-old from Oxford thought to be the group’s ringleader.”


Android app downloaded 100,000 times from Google Play Store contained password-stealing malware, say security researchers

Liam Tung

https://www.zdnet.com/article/google-removes-android-app-with-100000-downloads-from-play-store-over-password-stealing-malware/

Excerpt:

“Google has removed an app with over 100,000 downloads from its Play Store after security researchers warned that the app was able to harvest the Facebook credentials of smartphone users.”


Ukraine Secret Service Arrests Hacker Helping Russian Invaders

Ravie Lakshmanan

https://thehackernews.com/2022/03/ukraine-secret-service-arrests-hacker.html

Excerpt:

“The Security Service of Ukraine (SBU) said it has detained a "hacker" who offered technical assistance to the invading Russian troops by providing mobile communication services inside the Ukrainian territory.”


Pandora Ransomware Hits Giant Automotive Supplier Denso

Elizabeth Montalbano

https://threatpost.com/pandora-ransomware-hits-giant-automotive-supplier-denso/178911/

Excerpt:

“Denso confirmed that cybercriminals leaked stolen, classified information from the Japan-based car-components manufacturer after an attack on one of its offices in Germany.”


Escobar is the new Android banking Trojan we’ve met before

Jovi Umawing

https://blog.malwarebytes.com/android/2022/03/escobar-is-the-new-android-banking-trojan-weve-met-before/

Excerpt:

“Aberebot, a known Android banking Trojan, has changed its name and returned loaded with new features. First spotted by @MalwareHunterTeam in early March, this mobile variant was renamed “Escobar”—a homage to the Colombian drug baron—and disguised itself as a McAfee app. It went by the package name of com.escobar.pablo and the application name of “McAfee”.”


Israeli Government Sites Crash in Cyberattack

Yaniv Kubovich and Omer Benjakob

https://www.haaretz.com/israel-news/.premium-israeli-government-sites-crash-in-cyberattack-1.10674433

Excerpt:

“A number of Israeli government websites went down on Monday in an apparent cyberattack. The Israeli cyber authority confirmed the attack was a distributed denial-of-service (DDoS) attack that had blocked access to government websites, and that all websites were back online. The websites of the interior, health, justice and welfare ministries had been taken offline, as was that of the Prime Minister's Office.”


CaddyWiper, a new data wiper hits Ukraine

Pierluigi Paganini

https://securityaffairs.co/wordpress/129069/cyber-warfare-2/caddywiper-wiper-hits-ukraine.html

Excerpt:

“Experts at ESET Research Labs discovered a new data wiper, dubbed CaddyWiper, that was employed in attacks targeting Ukrainian organizations.”


Poor data sanitization practices put public sector data at risk

https://www.helpnetsecurity.com/2022/03/14/public-sector-device-sanitization/

Excerpt:

“Research launched by Blancco Technology Group reveals current practices and policies for device sanitization within the public sector.”


Critical Infrastructure Threat as Ransomware Groups Target 'Enemies of Russia'

Phil Muncaster

https://www.infosecurity-magazine.com/news/critical-infrastructure-threat/

Excerpt:

“The cybercrime underground has fractured into pro-Ukraine and pro-Russia camps, with the latter increasingly focused on critical national infrastructure (CNI) targets in the West, according to a new report from Accenture.”


Shipping fraud quickly emerging as one of the top fraud types

https://www.helpnetsecurity.com/2022/03/11/growing-digital-fraud/

Excerpt:

“The continuous growth of e-commerce could be behind a surge in shipping fraud, which is now the fastest growing type of digital fraud worldwide, according to a TransUnion report.”


Extortion scheme impersonates government officials, law enforcement

Jovi Umawing

https://blog.malwarebytes.com/scams/2022/03/extortion-fbi/

Excerpt:

“The FBI issued a public warning this week about a fraud scheme wherein scammers impersonate government officials and law enforcement personnel. According to the PSA, the scammers spoof legitimate numbers and names and use fake credentials of well-known members of the government and law enforcement agencies.”


Alleged hacker behind Kaseya ransomware attack extradited, arraigned in Texas

Jonathan Greig

https://www.zdnet.com/article/alleged-hacker-behind-kaseya-ransomware-attack-extradited-arraigned-in-texas/

Excerpt:

“Yaroslav Vasinskyi, accused of being connected to the Sodinokibi/REvil ransomware group, was extradited and arraigned in a Dallas, Texas court on Wednesday.”


War in Ukraine: What type of cyber attacks can we expect next?

Zeljka Zorz

https://www.helpnetsecurity.com/2022/03/10/war-ukraine-cyber/

Excerpt:

“The cyber activities related to the ongoing war in Ukraine have run the gamut from wiper malware hitting organizations and the border control in Ukraine, DDoS attacks aimed at government and media websites, and cyber disruption of satellite-based internet service, to preparations for watering hole attacks, next-level disinformation campaigns, and phishing campaigns.”


Scores of US Critical Infrastructure Firms Hit by Ransomware

Phil Muncaster

https://www.infosecurity-magazine.com/news/scores-critical-infrastructure/

Excerpt:

“A prolific ransomware variant has compromised at least 52 critical national infrastructure (CNI) entities, a new FBI report has revealed. In a new Flash update, the Feds claimed that organizations in 10 CNI sectors had been impacted as of January this year, including manufacturing, energy, financial services, government and IT.”


Ukraine websites are hacked to publish fake surrender declaration

Rusen Gobel

https://cloud7.news/security/ukraine-websites-are-hacked-to-publish-fake-surrender-declaration/

Excerpt:

“While it looks like the war between Ukraine and Russia transitioned into a complete physical conflict, there are still hacking activities that are going on. There has been a lot of hacking news recently; from hacking Russian TVs to streaming the Ukrainian anthem to digitally crashing Putin’s yacht into Snake Island.”


Samsung confirms Galaxy source code breach but says no customer information was stolen

Cho Mu-Hyun

https://www.zdnet.com/article/samsung-confirms-galaxy-source-code-breach-but-says-no-customer-information-was-stolen/

Excerpt:

“Samsung on Monday confirmed that the company recently suffered a cyberattack, but said that it doesn't anticipate any impact on its business or customers.”


BBC targeted with 383,278 spam, phishing and malware attacks every day

https://www.helpnetsecurity.com/2022/03/07/bbc-malicious-email-attacks/

Excerpt:

“The BBC (British Broadcasting Corporation) were the target of nearly 50 million malicious email attacks between 1st October 2021 and the end of January 2022. This is according to official figures obtained via a Freedom of Information act (FOI) request, and analysed by a Parliament Street think tank.”


How frustrated and burned out are security analysts?

https://www.helpnetsecurity.com/2022/03/07/security-analysts-burnout/

Excerpt:

“Security analysts play a vital role ensuring that their organizations stay safe and secure. But barriers to their work, like a lack of staff, overwork, and tedious tasks are causing frustration and burnout, a Tines report reveals.”


Ukraine's 'IT army' targets Belarus railway network, Russian GPS

James Pearson

https://www.reuters.com/world/europe/ukraines-it-army-targets-belarus-railway-network-russian-gps-2022-03-03/

Excerpt:

“LONDON, March 3 (Reuters) - Ukraine's "IT army" of volunteer hackers announced a new set of targets on Thursday - including the Belarusian railway network and Russia's homegrown satellite-based navigation system, GLONASS.”


Hacktivists, cybercriminals switch to Telegram after Russian invasion

Bill Toulas

https://www.bleepingcomputer.com/news/security/hacktivists-cybercriminals-switch-to-telegram-after-russian-invasion/

Excerpt:

“Telegram messaging has taken a pivotal role in the ongoing conflict between Russia and Ukraine, as it is being massively used by hacktivists and cybercriminals alike.”


Researchers show they can steal data during homomorphic encryption

Matt Shipman

https://techxplore.com/news/2022-03-homomorphic-encryption.html

Excerpt:

“Homomorphic encryption is considered a next generation data security technology, but researchers have identified a vulnerability that allows them to steal data even as it is being encrypted.”


The biggest threat to ICS/OT is a lack of prioritization

https://www.helpnetsecurity.com/2022/03/03/cyber-attackers-ot-ics/

Excerpt:

“A SANS survey reveals that cyber attackers have demonstrated a robust understanding of operational technology (OT) and industrial control system (ICS) engineering and have conducted attacks that gain access and negatively impact operations and human safety.”


Phishing attacks hit all-time high in December 2021

https://www.helpnetsecurity.com/2022/03/03/phishing-attacks-december-2021/

Excerpt:

“APWG saw 316,747 phishing attacks in December 2021 — the highest monthly total observed since it began its reporting program in 2004. Overall, the number of phishing attacks has tripled from early 2020.”


How to keep your medical device IP safe from cyber attacks

Guy Gilam

https://www.helpnetsecurity.com/2022/03/02/how-to-keep-your-medical-device-ip-safe-from-cyber-attacks/

Excerpt:

“Guarding intellectual property (IP) has always been a priority for medical device manufacturers as competitors and even nation states are constantly trying to compromise or steal IP.”


NVIDIA Confirms Employee Credentials Stolen in Cyberattack

Ionut Arghire

https://www.securityweek.com/nvidia-confirms-employee-credentials-stolen-cyberattack

Excerpt:

“NVIDIA this week acknowledged that employee credentials were stolen during a cyberattack on February 23 and confirmed the attackers have started leaking the information online.”


IoT security is foundational, not optional

https://www.helpnetsecurity.com/2022/03/01/securing-internet-of-things/

Excerpt:

“A PSA Certified report predicts that this year will mark a turning point in securing the Internet of Things (IoT), as the industry collectively commits to addressing the historic lag between the rate of digital transformation and the speed of securing the ecosystem.”