News – January 2022


  • Destructive malware targeting Ukrainian organizations

    January 15, 2022

    Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. Microsoft is aware of the ongoing geopolitical events in Ukraine and the surrounding region and encourages organizations to use the information in this post to ...

  • Critical Cisco Contact Center Bug Threatens Customer-Service Havoc

    January 14, 2022

    Cisco UCCE is an on-premises customer-service platform capable of supporting up to 24,000 customer-service agents using channels that include inbound voice, outbound voice, outbound interactive voice response (IVR) and digital channels. It also offers a feedback loop via post-call IVR, email and web intercept surveys; and various reporting options to gather information on agent performance ...

  • Former DHS official charged with stealing govt employees’ PII

    January 14, 2022

    A former Department of Homeland Security acting inspector general pleaded guilty today to stealing confidential and proprietary software and sensitive databases from the US government containing employees’ personal identifying information (PII). 61-year-old Charles Kumar Edwards coordinated the scheme while working for DHS-OIG (Department of Homeland Security, Office of Inspector General) as an employee and acting IG ...

  • Analyzing an Old Bug and Discovering CVE-2021-30995

    January 14, 2022

    On April 26, 2021 Apple patched CVE-2021-1740, which was a vulnerable function inside the system daemon process cfprefsd (these types of processes usually run in the background and handle system tasks). The bug could have been exploited to read arbitrary files, write arbitrary files, and get root privilege escalation. It was addressed in Apple’s Security ...

  • The race towards renewable energy is creating new cybersecurity risks

    January 14, 2022

    The renewable energy industry is becoming more important as countries attempt to move away from fossil fuels, but the continued growth of the sector must be managed with cybersecurity in mind, or there’s the danger that vulnerabilities in everything from power plants down to smart meters could leave energy providers and their customers open to ...

  • Russia: FSB arrests, dismantles REvil hacking group at U.S. request

    January 14, 2022

    Russia has conducted a special operation against ransomware crime group REvil at the request of the United States and has detained and charged the group’s members, the FSB domestic intelligence service said on Friday. The hacker group sought by Washington has been dismantled and the United States has been informed of the steps taken by Russia, ...

  • Ukraine hit by ‘massive’ cyber-attack on government websites

    January 14, 2022

    Ukraine has been hit by a “massive” cyber-attack, with the websites of several government departments including the ministry of foreign affairs and the education ministry knocked out. Suspected Russian hackers left a message on the foreign ministry website, according to reports. It said: “Ukrainians! … All information about you has become public. Be afraid and expect ...

  • Cyberattack shuts down Albuquerque schools; county copes with ransomware incident

    January 13, 2022

    School officials in Albuquerque, New Mexico have cancelled classes for Thursday and Friday due to a cyberattack. The shutdown took place just days after a ransomware attack hit government services across Bernalillo County. In a statement posted to the Albuquerque Public Schools (APS) website, officials said schools will remain closed “as the district continues to investigate ...

  • Fingers point to Lazarus, Cobalt, FIN7 as key hacking groups attacking finance industry

    January 13, 2022

    The Lazarus, Cobalt, and FIN7 hacking groups have been labeled as the most prevalent threat actors striking financial organizations today. According to “Follow the Money,” a new report published on the financial sector by Outpost24’s Blueliv on Thursday, members of these groups are the major culprits of theft and fraud in the industry today. The financial sector ...

  • How to achieve the Interoperability of EU Risk Management Frameworks

    January 13, 2022

    The report (Interoperable EU Risk Management Framework) published today is primarily designed to assess the existing risk management frameworks and methodologies in order to identify those with the most prominent interoperable features. What is security risk management? Information security risk management consists of the coordinated activities of an organisation in order to control information security risks. These ...

  • Iranian intel cyber suite of malware uses open source tools

    January 12, 2022

    FORT MEADE, Md. – To better enable defense against malicious cyber actors, U.S. Cyber Command’s Cyber National Mission Force has identified and disclosed multiple open-source tools that Iranian intelligence actors are using in networks around the world. These actors, known as MuddyWater in industry, are part of groups conducting Iranian intelligence activities, and have been seen ...

  • OceanLotus hackers turn to web archive files to deploy backdoors

    January 12, 2022

    The OceanLotus group of state-sponsored hackers is now using the web archive file format (.MHT and .MHTML) to deploy backdoors to compromised systems. The goal is to evade detection by antivirus tools, which are more likely to catch commonly abused document formats and stop the victim from opening them in Microsoft Office. Also tracked as APT32 ...

  • Microsoft starts 2022 with big bundle fixes for 96 security bugs in its software

    January 12, 2022

    The new year brings the same old chore of shoring up Microsoft software. For its first Patch Tuesday of 2022, Redmond has bestowed 96 new CVEs affecting its Windows products. If you include 24 Chromium CVEs published earlier this month and now addressed in Microsoft’s Edge browser, in addition to two CVEs in open source projects ...

  • How to Make API Security an Integral Part of Your Application Security Strategy

    January 12, 2022

    The farther your organization travels down the digital transformation path, the more critical API protection is to your overall security posture. Every day, your development teams are innovating; they rely more on microservices to save time and money as they automate business-to-business processes and provide a back-end for mobile applications. APIs are the cornerstone of ...

  • Maryland officials confirm ransomware attack shut down Department of Health

    January 12, 2022

    Maryland officials confirmed on Wednesday that the state’s Department of Health is dealing with a devastating ransomware attack, which has left hospitals struggling amid a surge of COVID-19 cases. In a statement released on Wednesday, Maryland Chief Information Security Officer Chip Stewart said the attack began on December 4 and crippled their systems. “We have paid no extortion ...