News – March 2022


  • Inspector general says the U.S. post office surveillance program exceeded legal authority

    March 31, 2022

    An inspector general probe into the U.S. Postal Service surveillance program, known as iCOP, concluded that the agency did not have the legal authority to conduct the sweeping intelligence collection and surveillance of American protesters and others between 2018 and 2021. The Postal Service Office of Inspector General launched an investigation into iCOP — which stands ...

  • CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell)

    March 31, 2022

    Recently, two vulnerabilities were announced within the Spring Framework, an open-source framework for building enterprise Java applications. On March 29, 2022, the Spring Cloud Expression Resource Access Vulnerability tracked in CVE-2022-22963 was patched with the release of Spring Cloud Function 3.1.7 and 3.2.3. Two days later on March 31, 2022, Spring released version 5.3.18 and ...

  • Lazarus Trojanized DeFi app for delivering malware

    March 31, 2022

    For the Lazarus threat actor, financial gain is one of the prime motivations, with a particular emphasis on the cryptocurrency business. As the price of cryptocurrency surges, and the popularity of non-fungible token (NFT) and decentralized finance (DeFi) businesses continues to swell, the Lazarus group’s targeting of the financial industry keeps evolving. We recently discovered a ...

  • Apple emits macOS, iOS, iPadOS patches for ‘exploited’ security bugs

    March 31, 2022

    Apple has released updates for its mobile and desktop operating systems to patch security holes that may well have been exploited in the wild. On Thursday, the iPhone giant issued macOS Monterey 12.3.1; iOS 15.4.1 and iPadOS 15.4.1; tvOS 15.4.1; and watchOS 8.5.1 to address vulnerabilities in its software. The Monterey release closes CVE-2022-22675, an out-of-bounds write ...

  • CISA Releases Security Advisories for Rockwell Automation Products

    March 31, 2022

    CISA has released two Industrial Controls Systems Advisories (ICSAs) detailing vulnerabilities in Rockwell Automation products. An attacker could exploit these vulnerabilities to inject code on an affected system. CISA encourages users and administrators to review ICSA-22-090-05: Rockwell Automation Logix Controllers and ICSA-22-090-07: Rockwell Automation Studio 5000 Logix Designer for more information and to apply the necessary mitigations ...

  • Meet BlackGuard: a new infostealer peddled on Russian hacker forums

    March 31, 2022

    Researchers have uncovered a new infostealer malware being peddled in Russian underground forums. Zscaler says that the new malware strain, dubbed BlackGuard, is “sophisticated” and has been made available to criminal buyers for a monthly price of $200. Infostealers are forms of malware designed to harvest valuable data, potentially including operating system information, contact lists, screenshots, network ...

  • Tracking cyber activity in Eastern Europe

    March 30, 2022

    In early March, Google’s Threat Analysis Group (TAG) published an update on the cyber activity it was tracking with regard to the war in Ukraine. Since our last update, TAG has observed a continuously growing number of threat actors using the war as a lure in phishing and malware campaigns. Government-backed actors from China, Iran, ...

  • Apple and Meta Gave User Data to Hackers Who Used Forged Legal Requests

    March 30, 2022

    Apple Inc. and Meta Platforms Inc., the parent company of Facebook, provided customer data to hackers who masqueraded as law enforcement officials, according to three people with knowledge of the matter. Apple and Meta provided basic subscriber details, such as a customer’s address, phone number and IP address, in mid-2021 in response to the forged “emergency ...

  • An In-Depth Look at ICS Vulnerabilities Part 1

    March 30, 2022

    Every year, vulnerabilities are discovered and registered to a Common Vulnerabilities and Exposures (CVE) ID by the MITRE Corporation. Each vulnerability’s details are recorded, and specialists also include how to mitigate them under their CVE ID. Vulnerabilities that can affect industrial control system (ICS) environments are identified to the public through advisories by the Industrial ...

  • ICT Spring goes «Beyond Frontiers» and unveils a new format in 2022

    March 30, 2022

    The international tech conference will take place next June 30th – July 1st, 2022. Press release. For immediate release. Luxembourg, March 28th, 2022 – ICT Spring is a centrepiece of Luxembourg’s event calendar and one of the top European tech conferences. Organized by Farvest and hosted next June 30th and July 1st at LuxExpo the Box, the event will ...

  • FBI: Ransomware Attacks Straining Local US Governments and Public Services

    March 30, 2022

    The FBI is informing Government Facilities Sector (GFS) partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses. Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency ...

  • Ethereum sidechain Ronin that powers play-to-earn game is fleeced for over $600m

    March 30, 2022

    In a shock to absolutely no one paying attention to the so-called Web3 space, the touted security of blockchain-driven solutions might not be all it is cracked up to be. The latest victim comes by way of Ronin, which detailed that 173,600 in Ethereum (ETH) and 25.5 million in USD coin had departed its clutches across ...

  • Powerful cyber attack on Russia’s Civil Aviation Authority servers: no more data nor back-up

    March 29, 2022

    A powerful and effective cyberattack on the Russian Federal Air Transport Agency (Rosaviatsia) infrastructure that took place on Saturday morning has erased all documents, files, aircraft registration data and mails from the servers. In total, about 65 terabytes of data was erased. The news became known on Monday morning, the agency’s official website (favt.ru) went ...

  • Hackers are getting faster at exploiting zero day flaws. That’s going to be a problem for everyone

    March 29, 2022

    Hackers were much faster to exploit software bugs in 2021, with the average time to exploitation down from 42 days in 2020 to just 12 days. That marks a 71% decrease in ‘time to known exploitation’ or TTKE, according to security firm Rapid7’s new 2021 Vulnerability Intelligence Report. The main reason for the reduction in TTKE ...

  • Transparent Tribe APT returns to strike India’s government and military

    March 29, 2022

    The Transparent Tribe hacking group is back with a new malware arsenal and victim list including India’s government and military. Active since at least 2013, the advanced persistent threat (APT) group operates in at least 30 countries. However, the APT tends to focus on India and Afghanistan – with the exception being attacks recorded against human ...