Cyber Security News


  • How hackers are trying to undermine Putin

    March 20, 2022

    The Anonymous hacktivist collective has been bombarding Russia with cyber-attacks since declaring “cyber war” on President Vladimir Putin in retaliation for the invasion of Ukraine. Several people operating under its banner spoke to the BBC about their motives, tactics and plans. Of all the cyber-attacks carried out since the Ukraine conflict started, an Anonymous hack on ...

  • Cyclops Blink Sets Sights on Asus Routers

    March 18, 2022

    Cyclops Blink, an advanced modular botnet that is reportedly linked to the Sandworm or Voodoo Bear advanced persistent threat (APT) group, has recently been used to target WatchGuard Firebox devices according to an analysis performed by the UK’s National Cyber Security Centre (NCSC). Trend Micro researchers acquired a variant of the Cyclops Blink malware family that ...

  • An imposter posing as Ukraine’s prime minister tricked his way into a video call with the UK’s defence secretary

    March 18, 2022

    An imposter posing as Ukraine’s prime minister tricked his way into a video call with the UK’s defence secretary in a suspected Russian ploy. Ben Wallace ordered an immediate inquiry into the security breach on Thursday. During the hoax call Mr Wallace engaged for about 10 minutes with the man, who appeared to have gone through a ...

  • New Browser-in-the-Browser attack could be used for phishing

    March 18, 2022

    A novel way of tricking people out of their passwords has left us wondering if there’s a need to rethink how much we trust our web browsers to protect us and to accelerate efforts to close web security gaps. Earlier this week, an infosec researcher known as mr.d0x described a browser-in-the-browser (BitB) attack. It’s a way ...

  • Exotic Lily: Exposing initial access broker with ties to Conti

    March 18, 2022

    In early September 2021, Threat Analysis Group (TAG) observed a financially motivated threat actor we refer to as EXOTIC LILY, exploiting a 0day in Microsoft MSHTML (CVE-2021-40444). Investigating this group’s activity, we determined they are an Initial Access Broker (IAB) who appear to be working with the Russian cyber crime gang known as FIN12 (Mandiant, ...

  • CRI-O Security Update for Kubernetes

    March 18, 2022

    CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected Kubernetes environment as well as other software or platforms that use CRI-O runtime containers. CISA encourages users and administrators to review the CRI-O Security Advisory and apply the necessary updates or ...

  • Britain, U.S. warn of satellite communications risks after Ukraine hack

    March 18, 2022

    Britain and the United States have warned organisations of the risks associated with using satellite communications following a cyberattack on satellite internet modems as Russia invaded Ukraine. Western intelligence agencies have been investigating the attack which disrupted broadband satellite internet access provided by U.S. telecommunications firm Viasat, Reuters reported last week. “It’s certainly something we’re investigating quite ...

  • ISC Releases Security Advisories for BIND

    March 17, 2022

    The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review the following ISC advisories and apply the necessary updates or workarounds. CVE-2021-25220 CVE-2022-0396 CVE-2022-0635 CVE-2022-0667 Read more… Source: U.S. Cybersecurity and ...

  • CISA: Strengthening Cybersecurity of SATCOM Network Providers and Customers

    March 17, 2022

    CISA and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communications (SATCOM) networks. Successful intrusions into SATCOM networks could create additional risk for SATCOM network customer environments. In response, CISA and FBI have published joint Cybersecurity Advisory (CSA) Strengthening Cybersecurity of SATCOM Network Providers and Customers, which provides ...

  • UK: Online Safety Bill – Updated proposals will make UK safest place to go online, government says

    March 17, 2022

    Laws that will require social media sites and tech firms to prevent users being exposed to harmful content are being introduced to parliament after several major updates.++ Additions to the bill include the power to hold executives criminally liable if they don’t comply with Ofcom information requests two months after the law begins, rather than the ...