Hawaii Cybersecurity Digest

Latest Cybersecurity Information

Cyber Crime, Cyber Intelligence, Cyber Security, Cyber War, Information Security

Latest Security News

Conti Gang says it’s ready to hit critical infrastructure in support of Russian government.

Views expressed in this cybersecurity-cyber war update are those of the reporters and correspondents.

Accessed on 28 February 2022, 0041 UTC.

Content supplied by “Security News | CSO.”


Please click link or scroll down to read your selections.


cyberwar thinkstock

TrickBot operators slowly abandon the botnet and replace it with Emotet

Researchers believe the group behind TrickBot are moving the infected devices it controls to the newer, more difficult to detect Emotet malware.

Ransomware is top attack vector on critical infrastructure

An annual review from Dragos finds much improvement needed to protect industrial systems. More regulation is possible if they don’t.

Ransomware is top cyberattack type, as manufacturing gets hit hardest

Ransomware was the number one attack type in 2021 as phishing and vulnerability exploits were top infection vectors, according to the IBM X-Force Threat Intelligence Index.

NIST seeks information on updating its Cybersecurity Framework

Security community welcomes the update, but a U.S. GAO report cites slow adoption among government.

Forcepoint One combines zero trust and SASE under a single umbrella

Forcepoint introduces a single security platform as an alternative to a best-of-breed approach.

Redstor extends protection of Kubernetes in AWS, unifies container backups

New support for Amazon EKS enables partners to scale back ups rapidly without complex scripting and removes need to bolt together multiple solutions.

Microsoft updates security applications for multicloud environments

Microsoft is extending Microsoft Defender for Cloud to support Google Cloud environments, rolling out a raft of security updates for Azure Active Directory and Azure, and making its CloudKnox Permissions Management platform available…

Slack outage stymies some business users

The team channels platform went down at mid-morning in the US; Slack worked for several hours to find and fix the problem.

GitHub makes Advisory Database public to improve software supply chain security

Researchers, academics, and enthusiasts can now contribute to and benefit from free, open-source security data on software supply chain vulnerabilities.

LiveAction tackles encryption blindness with new offering

ThreatEye NV combines behavior analysis and machine learning to expose malware in encrypted network traffic.

New offering from DNSFilter targets shadow IT risks

DNS security firm’s AppAware identifies risky apps and helps to subdue them.

Dangerous privilege escalation bugs found in Linux package manager Snap

Newly discovered Snap flaw allows a low-privileged user to gain root access.

New quantum key distribution network resistant to quantum attacks

A claimed first-of-a-kind quantum key distribution network offers 800 Gbps encryption under real-world environmental conditions and has been demonstrated to detect and defend against quantum threats.

ShadowPad has become the RAT of choice for several state-sponsored Chinese APTs

New research links the ShadowPad remote-access Trojan to China’s Ministry of State Security and the People’s Liberation Army.

Trousseau bolsters its Kubernetes security capabilities with support for HashiCorp Vault

Open-source software to protect secrets in Kubernetes adds first key manager to its portfolio.

F5 integrates application, cloud security in a unified SaaS platform

The first new application on F5’s Distributed Cloud Services platform is Distributed Cloud WAAP (web application and API protection), consolidating web application firewall, bot mitigation, DDoS, and API protection capabilities.

Software supply chain attacks hit three out of five companies in 2021

Survey finds significant jump in software supply chain attacks after Log4j exposed.

NIST releases software, IoT, and consumer cybersecurity labeling guidance

The new guidance aims to tighten security requirements for federally purchased software and give consumers better insight into the security of software and devices they buy.