News – February 2022


  • Insurance giant AON hit by a cyberattack over the weekend

    February 28, 2022

    Professional services and insurance giant AON has suffered a cyberattack that impacted a “limited” number of systems. AON is a multinational professional services firm offering a wide array of solutions, including business insurance, reinsurance, cybersecurity consulting, risk solutions, healthcare insurance, and wealth management products. AON generated $12.2 billion of revenue in 2021 and has approximately 50,000 employees ...

  • Ukraine says its ‘IT Army’ has taken down key Russian sites

    February 28, 2022

    Key Russian websites and state online portals have been taken offline by attacks claimed by the Ukrainian cyber police force, which now openly engages in cyber-warfare. As the announcement of the law enforcement agency’s site details, specialists from the force have teamed with volunteers to attack the web resources of Russia and Belarus. The three countries are ...

  • Manufacturing is the most targeted sector by ransomware in Brazil

    February 28, 2022

    According to a report published by IBM on security threats in Latin America, companies from the manufacturing sector are feeling the greatest impact of attacks orchestrated by ransomware gangs. Ransomware, corporate email compromise, and credential harvesting together brought bring sector companies to a standstill in Latin America in 2021, further straining supply chains, the X-Force Threat ...

  • Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks

    February 28, 2022

    New research by the Symantec Threat Hunter team, part of Broadcom Software, has uncovered a highly sophisticated piece of malware being used by China-linked threat actors, exhibiting technical complexity previously unseen by such actors. The malware appears to be used in a long-running espionage campaign against select governments and other critical infrastructure targets. There is strong ...

  • Toyota supplier reports cyberattack that halts production across Japan

    February 28, 2022

    Toyota has shut down production at 14 of its plants in Japan after a supplier reported a cyberattack, according to a statement provided to Reuters and the Associated Press. Toyota did not respond to multiple requests for comment but said the outages were the result of a “supplier system failure.” Kojima Industries Corp, one of the ...

  • Microsoft finds FoxBlade malware on Ukrainian systems, removes RT from Windows app store

    February 28, 2022

    Microsoft says it found a new malware package — which it calls “FoxBlade” — hours before Russia began its invasion of Ukraine on February 24. In a blog post, Microsoft president Brad Smith said it was coordinating its efforts to protect users in Ukraine with the Ukrainian government, the European Union, European nations, the US government, ...

  • Quarter of a million lawyer disciplinary records leak

    February 28, 2022

    Approximately 260,000 nonpublic disciplinary records stored on behalf of The State Bar of California were found to be exposed to the public and to have been republished on Judyrecords.com, a website that aggregates over 630 million public court records. The sensitive records exposed include the case number, filing date, case type, case status, and respondent and ...

  • Building cyber secure Railway Infrastructure

    February 28, 2022

    The European Union Agency for Cybersecurity (ENISA) delivers a joint report with the European Rail Information Sharing and Analysis Center (ISAC) to support the sectorial implementation of the NIS Directive. The report released today is designed to give guidance on building cybersecurity zones and conduits for a railway system. The approach taken is based on the recently ...

  • Ukraine security agencies warn of Ghostwriter threat activity, phishing campaigns

    February 28, 2022

    The Computer Emergency Response Team for Ukraine (CERT-UA) has warned of ongoing phishing and Ghostwriter activities attacking organizations in the country. On February 26, CERT-UA said it continues to track the movements of UNC1151/Ghostwriter, which is currently attacking targets in Ukraine, Poland, Belarus, and Russia. Ghostwriter is believed to be of Belarusian origin. According to the security ...

  • SMS PVA Part 2: Underground Service for Cybercriminals

    February 27, 2022

    In part one, Trend Micro researchers extensively discussed SMS PVA and started investigating a particular service called ReceiveCode that our team first found on a Facebook advertisement. ReceiveCode offers users access to SMS code verification sent to mobile numbers that the company has in their storage. Customers simply need to sign up to their customer-facing portal, ...

  • Nvidia probes cyberattack on internal systems

    February 26, 2022

    Nvidia is probing what may be a ransomware infection that caused outages within its internal network. The malware is said to have taken hold in the past two days, knocking down email and developer systems. The GPU giant continues to investigate. In a statement, an Nvidia spokesperson told The Register on Friday: “Our business and commercial activities continue uninterrupted. ...

  • Destructive Malware Targeting Organizations in Ukraine

    February 26, 2022

    Leading up to Russia’s unprovoked attack against Ukraine, threat actors deployed destructive malware against organizations in Ukraine to destroy computer systems and render them inoperable. On January 15, 2022, the Microsoft Threat Intelligence Center (MSTIC) disclosed that malware, known as WhisperGate, was being used to target organizations in Ukraine. According to Microsoft, WhisperGate is intended to ...

  • British Airways has been hit by ‘technical issues’ that have paralysed IT system

    February 26, 2022

    British Airways has cancelled all short-haul flights from Heathrow until midday leaving passengers stranded while further disruption is expected throughout Saturday due to ongoing technical issues. The airline said the problem, which may also cause delays for its customers using Gatwick and London City Airport, is related to a hardware issue and is not because of ...

  • Cybersecurity burnout is real. And it’s going to be a problem for all of us

    February 25, 2022

    With the number of data breaches in 2021 soaring past that of 2020, there is even more pressure on security teams to keep businesses secure in 2022. But at a time when strength and resilience have never been more important, burnout, low staff morale and high employee turnover could put businesses on the backfoot when ...

  • TrickBot malware operation shuts down, devs move to stealthier malware

    February 25, 2022

    The TrickBot malware operation has shut down after its core developers move to the Conti ransomware gang to focus development on the stealthy BazarBackdoor and Anchor malware families. TrickBot is a notorious Windows malware infection that has dominated the threat landscape since 2016. The malware is commonly installed via malicious phishing emails or other malware, and will ...