Cyber Security News


  • Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments

    March 8, 2022

    UPDATE: The original post may not have provided full clarity that CVE-2021-44207 (USAHerds) had a patch developed by Acclaim Systems for applicable deployments on or around Nov. 15, 2021. Mandiant cannot speak to the affected builds, deployment, adoption, or other technical factors of this vulnerability patch beyond its availability. In May 2021 Mandiant responded to an APT41 intrusion ...

  • Microsoft March 2022 Patch Tuesday: 71 vulnerabilities fixed

    March 8, 2022

    Microsoft has released 71 security fixes for software, including 41 patches for Microsoft Windows vulnerabilities, five vulnerabilities in Microsoft Office and two in Microsoft Exchange. Two of the vulnerabilities are rated critical — CVE-2022-22006 and CVE-2022-24501 — while the rest are rated important. In the Redmond giant’s latest round of patches, usually released on the second Tuesday ...

  • FBI: RagnarLocker Ransomware Indicators of Compromise

    March 7, 2022

    The FBI first became aware of RagnarLocker in April 2020 and subsequently produced a FLASH to disseminate known indicators of compromise (IOCs) at that time. This FLASH provides updated and additional IOCs to supplement that report. As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by ...

  • TA416 Increases Operational Tempo Against European Governments as Conflict in Ukraine Escalates

    March 7, 2022

    Since 2020, Proofpoint researchers have observed TA416, an actor assessed to be aligned with the Chinese state, utilizing web bugs to profile their targets. Commonly referred to as tracking pixels, web bugs embed a hyperlinked non-visible object within the body of an email that, when enabled, will attempt to retrieve a benign image file from ...

  • Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device

    March 7, 2022

    Cisco Talos’ vulnerability research team disclosed multiple vulnerabilities in the ZTE MF971R wireless hotspot and router in October. Several months removed from that disclosure and ZTE’s patch, researchers decided to take an even closer look at two of these vulnerabilities — CVE-2021-21748 and CVE-2021-21745 — to show how they could be chained together by an ...

  • SharkBot malware hides as Android antivirus in Google Play

    March 5, 2022

    SharkBot banking malware has infiltrated the Google Play Store, the official Android app repository, posing as an antivirus with system cleaning capabilities. Although the trojan app was far from popular, its presence in Play Store shows that malware distributors can still bypass Google’s automatic defenses. The app is still present in Google’s store at the moment ...

  • Russia shares list of 17,000 IPs allegedly DDoSing Russian orgs

    March 5, 2022

    The Russian government shared a list of 17,576 IP addresses allegedly used to launch distributed denial-of-service (DDoS) attacks targeting Russian organizations and their networks. The list was shared by the National Coordination Center for Computer Incidents (NKTsKI), an organization created by Russia’s Federal Security Service (FSB), together with guidance to defend against the attacks and ...

  • Ukraine digital army brews cyberattacks, intel and infowar

    March 5, 2022

    Formed in a fury to counter Russia’s blitzkrieg attack, Ukraine’s hundreds-strong volunteer “hacker” corps is much more than a paramilitary cyberattack force in Europe’s first major war of the internet age. It is crucial to information combat and to crowdsourcing intelligence. “We are really a swarm. A self-organizing swarm,” said Roman Zakharov, a 37-year-old IT ...

  • Ukraine to be accepted as a Contributing Participant to NATO CCDCOE

    March 4, 2022

    This week, the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) held its 30th Steering Committee. With a unanimous vote, the 27 Sponsoring Nations in the Steering Committee of the CCDCOE agreed to Ukraine’s membership in the NATO CCDCOE as a Contributing Participant. “Ukraine’s presence in the Centre will enhance the exchange of cyber expertise, between ...

  • Microsoft suspends new sales in Russia

    March 4, 2022

    Microsoft has now committed over $35 million to support humanitarian assistance and relief efforts for Ukraine. This includes more than $18 million worth of Microsoft technology to help organizations such as the Polish Humanitarian Action respond to critical needs and others providing services on the ground. Microsoft employee donations are being matched by the company 2:1, ...