According to Microsoft, Russian FSB hackers are continuing their cyber attacks against Ukraine.

Views expressed in this cybersecurity-cyberwar update are those of the reporters and correspondents.

Accessed on 07 February 2022, 0006 UTC.

Content supplied by “Cyware.com.”

Source:

https://cyware.com/cyber-security-news-articles


Latest Cybersecurity News And Articles

Microsoft: Russian FSB hackers hitting Ukraine since October

Microsoft said today that a Russian hacking group known as Gamaredon has been behind a streak of spear-phishing emails targeting Ukrainian entities and organizations related to Ukrainian affairs since October 2021.

Ransomware attack hit Swissport International causing delays in flights

Swissport International was hit by a ransomware attack that had a severe impact on its operations, causing flight delays. The company said via Twitter that the attack has been largely contained.

US Federal Government Creates Cybersecurity Incident Review Board

The Department of Homeland Security has announced a new Cyber Safety Review Board bringing together cybersecurity experts from public and private organizations to “review and assess significant cybersecurity events.”

CISA orders federal agencies to patch actively exploited Windows bug

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch their systems against an actively exploited Windows vulnerability that enables attackers to gain SYSTEM privileges.

How attackers got access to the systems of the National Games of China

In early September 2021, Avast threat researcher David Álvarez found a malware sample with a suspicious file extension and a report submitted by the National Games IT team to VirusTotal on an attack against a server associated with the Games.

Russian Gamaredon Hackers Targeted ‘Western Government Entity’ in Ukraine

The Russia-linked Gamaredon hacking group attempted to compromise an unnamed Western government entity operating in Ukraine last month amidst ongoing geopolitical tensions between the two countries.

AsyncRAT Operators Adopt New Evasive Delivery Technique

Morphisec identified a new sophisticated campaign using a phishing tactic with an HTML attachment to deliver AsyncRAT for around five months. Moreover, the malware campaign has one of the lowest detection rates, according to VirusTotal. This calls upon the organizations to regularly audit and upgra …

Airport Services Firm Faces Cyberattack Resulting in Flight Delays Due to Impact on IT Infrastructure

Swiss airport management service Swissport reported a ransomware attack affecting its IT systems on Friday. The company said its IT infrastructure was targeted by the ransomware attack.

Millions of Android Users Targeted by Dark Herring

Experts exposed the Dark Herring subscription fraud campaign, which infected 105 million devices worldwide via 500 malicious apps to steal hundreds of millions of dollars from unsuspecting users. The names of some malicious apps are Smashex, Upgradem, Stream HD, Vidly Vibe, and Cast It. This indicat …

Distrust, feuds building among ransomware groups

In an industry that operates in anonymity, trust is everything, but recent accusations of ransomware actors working with or being law enforcement are threatening that work model.

Google Drive integration errors created SSRF flaws in multiple applications

Implementation flaws in Google Drive integrations created server-side request forgery (SSRF) vulnerabilities in a variety of applications, a security researcher has revealed.

Argo CD vulnerability leaks sensitive info from Kubernetes apps

A vulnerability in Argo CD, used by thousands of orgs for deploying applications to Kubernetes, can be leveraged in attacks to disclose sensitive information such as passwords and API keys.

Multiple India-based call centers and their directors indicted for perpetuating phone scams affecting thousands of Americans

The US Justice Department indicted six India-based call centers and their directors for their alleged role in making tens of millions of scam calls to defraud thousands of American citizens.

China-linked Cyberattack on News Corp Resulted in the Compromise of Employee Emails

The attack, which was discovered on January 20, affected Dow Jones, the Wall Street Journal, the New York Post, News Corp headquarters, and its UK news operations, according to the report.

Keeper Security Acquires Glyptodon

The acquisition enhances Keeper Security’s continued evolution in the identity and access cybersecurity space, particularly in enabling hyper-secure access to remote resources.

Russian APT Primitive Bear attacks Western gov’t department in Ukraine through job hunt

Primitive Bear (aka Gamaredon), a sophisticated cybercriminal group hailing from Russia, has been caught trying to infiltrate a Western government outfit located in Ukraine.

Bank executives mostly concerned about cybercrime

In the survey, involving 279 executives from US financial institutions, 26% of respondents ranked cybersecurity threats and 21% cited recruiting/retaining employees as their top issues in 2022.

The importance of a policy-driven threat modeling approach

Threat modeling is the process of identifying potential attacks, describing their prospective impact, and prioritizing response and remediation measures, thereby enabling policy-driven cybersecurity.

Exposed corporate credentials threatening the pharma sector

The proliferation and circulation of sensitive employee data allow attackers to execute a wide range of cyberattacks, including impersonation, account takeover, ransomware, and others.

Chinese APT Hackers Used xPack Malware to Stay Undetected for 250 Days

A state-sponsored Chinese APT group tracked as ‘Antlion’ has been using a new custom malware backdoor called ‘xPack’ against financial organizations and manufacturing companies.

DHS forms first-ever Cyber Safety Review Board

The new initiative is one in a string of many by the Biden administration to push public and private collaboration in addressing cyber threats such as Log4j vulnerabilities.

New Oski Redesign Steals Crypto and 2FA Codes

Do you remember the Oski malware that suddenly disappeared in July 2020? Anyway, it is back in the form of Mars Stealer, which is a new and powerful version of Oski. As the name suggests, Mars Stealer steals information from all renowned web browsers, various cryptocurrency wallets and extensions, …

EmailThief Operation Exploits Zero-Day Vulnerability in Zimbra Email Platform to Spy on Users

A likely Chinese threat actor is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform as part of spear-phishing campaigns that commenced in December 2021.

UpdateAgent Malware Gains Ability to Bypass Apple’s Gatekeeper System

One of UpdateAgent’s newest and most potent features is the ability to bypass Apple’s built-in Gatekeeper system that is meant to allow only trusted, signed apps to run on Macs.

Business Services Provider Morley Hit by Ransomware Attack Involving Employee, Contractor, and Client Data Theft

Morley Companies Inc. disclosed a data breach after falling victim to a ransomware attack on Aug. 1, 2021, according to a security incident notification by the company on Wednesday.

Update: European Oil Port Terminals Hit by Cyberattack

Major oil terminals in some of Western Europe’s biggest ports have fallen victim to a cyberattack at a time when energy prices are already soaring, sources confirmed on Thursday.