Microsoft: Windows Autopatch will be released in July 2022.
Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.
Accessed on 10 April 2022, 0638 UTC.
Content supplied by “Google”, “The Hacker News”, “Windows Autopatch Tuesday”, “Security Affairs”, “Dark Reading”, and “Cyber Scoop.”
Source:
https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895
Security News Bundle
MOST POPULAR
Microsoft: Windows Autopatch steals the ‘fun’ from Patch Tuesdays
Microsoft announced that Windows Autopatch, a service designed to automatically keep Windows and Office software up to date, will be released in July 2022. […]
SharkBot Banking Trojan spreads through fake AV apps on Google Play
Experts discovered malicious Android apps on the Google Play Store masquerading as antivirus solutions and spreading the SharkBot Trojan. Researchers from the Check Point Research (CPR) team discovered several malicious Android apps on the official Google Play Store, masquerading as antivirus solutions, that were used to deliver the SharkBot banking Trojan.
Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware
The recently disclosed critical Spring4Shell vulnerability is being actively exploited by threat actors to execute the Mirai botnet malware, particularly in the Singapore region since the start of April 2022. “The exploitation allows threat actors to download the Mirai sample to the ‘/tmp’ folder and execute them after permission change using ‘chmod,’” Trend Micro researchers Deep Patel, Nitesh
TODAY
Hackers use Conti’s leaked ransomware to attack Russian companies
A hacking group used Conti’s leaked ransomware source code to create their own ransomware for use in cyberattacks against Russian organizations. […]
New Android banking malware remotely takes control of your device
A new Android banking malware named Octo has appeared in the wild, featuring remote access capabilities that allow malicious operators to perform on-device fraud. […]
A DDoS attack took down Finnish govt sites as Ukraine’s President addresses MPs
A massive DDoS attack took down Finnish government websites while Ukrainian President Zelenskyy addressed Finland’s members of parliament (MPs). On April 8, a denial-of-service attack took down the websites of the Finnish ministries of Defense and Foreign Affairs. The attack started at about noon, while Ukrainian President Zelenskyy addressed Finland’s members of parliament (MPs).
China-linked threat actors target Indian Power Grid organizations
China-linked threat actors continue to target Indian power grid organizations; most of the attacks involved the ShadowPad backdoor. Recorded Future’s Insikt Group researchers uncovered a campaign conducted by a China-linked threat actor targeting Indian power grid organizations. The security firm is tracking this cluster of malicious activities under the moniker Threat Activity Group 38 aka TAG-3
YESTERDAY
A Mirai-based botnet is exploiting the Spring4Shell vulnerability
Experts warn of a Mirai-based botnet exploiting the recently discovered Spring4Shell vulnerability in attacks in the wild. Trend Micro Threat Research reported that the recently discovered Spring4Shell vulnerability (CVE-2022-22965) is actively exploited by a Mirai-based botnet. Researchers from Chinese cybersecurity firm Qihoo 360 first reported the exploitation of the Spring4Shell by a Mirai-
Finnish govt websites knocked down as Ukraine President addresses MPs
Online attacks follow suspected airspace violation by Russian aircraft. Cyberattacks took down Finnish government websites on Friday while Ukrainian President Volodymyr Zelenskyy addressed Finland’s members of parliament (MPs).…
Google Removes Dangerous Banking Malware From Play Store
SharkBot was hidden in apps masquerading as antivirus tools.
Why the Mitre Engenuity ATT&CK Evaluations Matter
This year’s MITRE Engenuity™ ATT&CK Evaluation simulates techniques associated with notorious threat groups Wizard Spider and Sandworm to test solutions’ ability to detect and stop APT and Targeted Attacks.
15 Cybersecurity Measures for the Cloud Era
Which are the most important cybersecurity measures that businesses can take to protect themselves in the cloud era?
Microsoft Sinkholes Russian Hacking Group’s Domains Targeting Ukraine
The operation aimed to disrupt cyber espionage activity a Russian GRU group was using for the Ukraine war.
Snap-on discloses data breach claimed by Conti ransomware gang
American automotive tools manufacturer Snap-on announced a data breach exposing associate and franchisee data after the Conti ransomware gang began leaking the company’s data in March. […]
Microsoft dogs Strontium domains to stop attacks on Ukraine
Software giant sinkholes systems used by Russian gang. Microsoft this week seized seven internet domains run by Russia-linked threat group Strontium, which was using the infrastructure to target Ukrainian institutions as well as think tanks in the US and EU, apparently to support Russia’s invasion of its neighbor.…
BakerHostetler Launches 2022 Data Security Incident Response Report — Resilience And Perseverance
Ransomware remained the most prevalent and impactful type of data security incident.
DOJ’s Sandworm operation raises questions about how far feds can go to disarm botnets
The notion that citizens are protected from unreasonable search and seizure is a bedrock legal principle: A court must issue a search warrant before police can enter a private home and ransack it looking for evidence. In what former prosecutors and legal experts call a landmark operation, the Department of Justice has now tested that principle to disrupt a Russian botnet that was spreading malwar
Software-as-a-Service Rules the Cloud
Half of the IT professionals surveyed who use cloud services also employ infrastructure-as-a-service and platform-as-a-service.
Microsoft: Windows 10 20H2 reaches end of service next month
Microsoft has reminded customers today that multiple editions of Windows 10 20H2 and Windows 10 1909 are reaching the end of service (EOS) on May 10, 2022. […]
Denial-of-service disrupts Finnish government sites during Zelenskyy speech
A denial-of-service attack knocked the websites for Finland’s defense and foreign ministries offline Friday, the government there said, just as Ukrainian President Volodymyr Zelenskyy spoke to the Finnish parliament. The disruption also coincided with Finland weighing a bid to join NATO and the same day the Finnish defense agency said a Russian aircraft violated its airspace. The Finns didn’t po
GitHub can now alert of supply-chain bugs in new dependencies
GitHub can now block and alert you of pull requests that introduce new dependencies impacted by known supply chain vulnerabilities. […]
Zero days are for life, not just for Christmas. Here’s how to deal with them
Learn from the best in this session. Webinar: The Log4j vulnerability put everyone in cybersecurity through the mill last December. So, is it OK to relax now?…
Chinese Hacker Groups Continue to Target Indian Power Grid Assets
China-linked adversaries have been attributed to an ongoing onslaught against Indian power grid organizations, one year after a concerted campaign targeting critical infrastructure in the country came to light. Most of the intrusions involved a modular backdoor named ShadowPad, according to Recorded Future’s Insikt Group, a sophisticated remote access trojan which has been dubbed a “masterpiece
Researchers Connect BlackCat Ransomware with Past BlackMatter Malware Activity
Cybersecurity researchers have uncovered further links between BlackCat (aka AlphaV) and BlackMatter ransomware families, the former of which emerged as a replacement following international scrutiny last year. “At least some members of the new BlackCat group have links to the BlackMatter group, because they modified and reused a custom exfiltration tool […] and which has only been observed in
Google Play Bitten by Sharkbot Info-stealer ‘AV Solution’
Google removed six different malicious Android applications targeting mainly users in the U.K. and Italy that were installed about 15,000 times.
ByteChek Founder AJ Yawn Brings Discipline to Everything He Does
Security Pro File: The former Army captain, whose security startup is on an upward trajectory, works hard to “make compliance suck less.”
Mirai malware now delivered using Spring4Shell exploits
The Mirai malware is now leveraging the Spring4Shell exploit to infect vulnerable web servers and recruit them for DDoS (distributed denial of service) attacks. […]
Server-Side-Request-Forgery Enabled Administrative Account Takeover on FinTech Platform
Salt Labs has uncovered a Server-Side-Request Forgery on a major FinTech platform, enabling an administrative account takeover. Researchers identified API vulnerabilities allowing them to launch attacks where: Attackers could gain administrative access to the banking platform; Attackers could leak users’ personal data; Attackers could access users’ banking details and financial transactions; Attacke
Anonymous and the IT ARMY of Ukraine continue to target Russian entities
The popular hacking collective Anonymous and the IT ARMY of Ukraine continue to target Russian government entities and private businesses. This week Anonymous claimed to have hacked multiple private businesses and leaked their data through the DDoSecrets platform. The list of recently compromised businesses includes: Forest – The hacktivists leaked 37,500 emails stolen from the company which is a Russian lo
China Accused Of Cyber Attacks On Indian Power Grid
Security Nihilism Is Putting Your Company — and Its Employees — at Risk
Some enterprise security tactics can backfire, pitting IT and security teams against the employees they’re trying to protect.
US eases sanctions that may lead to Russia’s Internet isolation
Today, the U.S. has announced exemptions on previously imposed sanctions on Russia related to telecommunications and internet-based communications, likely to prevent Russians from being isolated from Western news sources.
Russ Roberts
https://cyber-security-intelligence.org
https://paper.li/RussellRoberts (machine learning, artificial intelligence, IoT, and information security)