School of Hard Knocks: Job Fraud Threats Target University Students

Timothy Kromphardt, Selena Larson, And Sam Scholten

https://www.proofpoint.com/us/blog/threat-insight/school-hard-knocks-job-fraud-threats-target-university-students

Excerpt:

“Proofpoint researchers regularly identify and block employment fraud threats that attempt to entice victims with an easy, work-from-home job. These threats disproportionately impact people at colleges and universities, especially students.  “


Ukraine Suffers Significant Internet Disruption Following Cyber-Attack

James Coker

https://www.infosecurity-magazine.com/news/ukraine-internet-disruption-cyber/

Excerpt:

“Ukraine’s national telecommunications provider has been hit by a significant cyber-attack, leading to the “most severe” disruption to internet connectivity in the region since the start of the conflict with Russia.”


Beware of old and new tax-themed scams and schemes

Zeljka Zorz

https://www.helpnetsecurity.com/2022/03/28/tax-themed-scams/

Excerpt:

“April 18 marks the end of the 2022 US tax season and those individuals who are yet to file their taxes should get a move on.”


Feds allege destructive Russian hackers targeted US oil refineries

Andy Greenberg

https://arstechnica.com/tech-policy/2022/03/feds-allege-destructive-russian-hackers-targeted-us-oil-refineries/

Excerpt:

“For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital intruders who attempted to sabotage industrial safety systems, with physical, potentially catastrophic results. Now the US Department of Justice has put a name to one of the hackers in that group—and confirmed the hackers' targets included a US company that owns multiple oil refineries.”


UK Teen Arrested in Lapsus Crackdown

Phil Muncaster

https://www.infosecurity-magazine.com/news/uk-teen-arrested-in-lapsus/

Excerpt:

“British police have arrested several young people in connection with the notorious Lapsus ransom attacks, including one 16-year-old from Oxford thought to be the group’s ringleader.”


Android app downloaded 100,000 times from Google Play Store contained password-stealing malware, say security researchers

Liam Tung

https://www.zdnet.com/article/google-removes-android-app-with-100000-downloads-from-play-store-over-password-stealing-malware/

Excerpt:

“Google has removed an app with over 100,000 downloads from its Play Store after security researchers warned that the app was able to harvest the Facebook credentials of smartphone users.”


Ukraine Secret Service Arrests Hacker Helping Russian Invaders

Ravie Lakshmanan

https://thehackernews.com/2022/03/ukraine-secret-service-arrests-hacker.html

Excerpt:

“The Security Service of Ukraine (SBU) said it has detained a "hacker" who offered technical assistance to the invading Russian troops by providing mobile communication services inside the Ukrainian territory.”


Pandora Ransomware Hits Giant Automotive Supplier Denso

Elizabeth Montalbano

https://threatpost.com/pandora-ransomware-hits-giant-automotive-supplier-denso/178911/

Excerpt:

“Denso confirmed that cybercriminals leaked stolen, classified information from the Japan-based car-components manufacturer after an attack on one of its offices in Germany.”


Escobar is the new Android banking Trojan we’ve met before

Jovi Umawing

https://blog.malwarebytes.com/android/2022/03/escobar-is-the-new-android-banking-trojan-weve-met-before/

Excerpt:

“Aberebot, a known Android banking Trojan, has changed its name and returned loaded with new features. First spotted by @MalwareHunterTeam in early March, this mobile variant was renamed “Escobar”—a homage to the Colombian drug baron—and disguised itself as a McAfee app. It went by the package name of com.escobar.pablo and the application name of “McAfee”.”


Israeli Government Sites Crash in Cyberattack

Yaniv Kubovich and Omer Benjakob

https://www.haaretz.com/israel-news/.premium-israeli-government-sites-crash-in-cyberattack-1.10674433

Excerpt:

“A number of Israeli government websites went down on Monday in an apparent cyberattack. The Israeli cyber authority confirmed the attack was a distributed denial-of-service (DDos) attack that had blocked access to government websites, and that all websites were back online. The websites of the interior, health, justice and welfare ministries had been taken offline, as was that of the Prime Minister's Office.


CaddyWiper, a new data wiper hits Ukraine

Pierluigi Paganini

https://securityaffairs.co/wordpress/129069/cyber-warfare-2/caddywiper-wiper-hits-ukraine.html

Excerpt:

“Experts at ESET Research Labs discovered a new data wiper, dubbed CaddyWiper, that was employed in attacks targeting Ukrainian organizations.”


Poor data sanitization practices put public sector data at risk

https://www.helpnetsecurity.com/2022/03/14/public-sector-device-sanitization/

Excerpt:

“A research launched by Blancco Technology Group reveals current practices and policies for device sanitization within the public sector.”


Critical Infrastructure Threat as Ransomware Groups Target 'Enemies of Russia'

Phil Muncaster

https://www.infosecurity-magazine.com/news/critical-infrastructure-threat/

Excerpt:

“The cybercrime underground has fractured into pro-Ukraine and pro-Russia camps, with the latter increasingly focused on critical national infrastructure (CNI) targets in the West, according to a new report from Accenture.”


Shipping fraud quickly emerging as one of the top fraud types

https://www.helpnetsecurity.com/2022/03/11/growing-digital-fraud/

Excerpt:

“The continuous growth of e-commerce could be behind a surge in shipping fraud, which is now the fastest growing type of digital fraud worldwide, according to a TransUnion report.”


Extortion scheme impersonates government officials, law enforcement

Jovi Umawing

https://blog.malwarebytes.com/scams/2022/03/extortion-fbi/

Excerpt:

“The FBI issued a public warning this week about a fraud scheme wherein scammers impersonate government officials and law enforcement personnel. According to the PSA, the scammers spoof legitimate numbers and names and use fake credentials of well-known members of the government and law enforcement agencies.”


Alleged hacker behind Kaseya ransomware attack extradited, arraigned in Texas

Jonathan Greig

https://www.zdnet.com/article/alleged-hacker-behind-kaseya-ransomware-attack-extradited-arraigned-in-texas/

Excerpt:

“Yaroslav Vasinskyi, accused of being connected to the Sodinokibi/REvil ransomware group, was extradited and arraigned in a Dallas, Texas court on Wednesday.”


War in Ukraine: What type of cyber attacks can we expect next?

Zeljka Zorz

https://www.helpnetsecurity.com/2022/03/10/war-ukraine-cyber/

Excerpt:

“The cyber activities related to the ongoing war in Ukraine have run the gamut from wiper malware hitting organizations and the border control in Ukraine, DDoS attacks aimed at government and media websites, and cyber disruption of satellite-based internet service, to preparations for watering hole attacks, next-level disinformation campaigns, and phishing campaigns.”


Scores of US Critical Infrastructure Firms Hit by Ransomware

Phil Muncaster

https://www.infosecurity-magazine.com/news/scores-critical-infrastructure/

Excerpt:

“A prolific ransomware variant has compromised at least 52 critical national infrastructure (CNI) entities, a new FBI report has revealed. In a new Flash update, the Feds claimed that organizations in 10 CNI sectors had been impacted as of January this year, including manufacturing, energy, financial services, government and IT.”


Ukraine websites are hacked to publish fake surrender declaration

Rusen Gobel

https://cloud7.news/security/ukraine-websites-are-hacked-to-publish-fake-surrender-declaration/

Excerpt:

“While it looks like the war between Ukraine and Russia transitioned into a complete physical conflict, there are still hacking activities that going on. There has been a lot of hacking news recently; from hacking Russian TVs to streaming the Ukrainian anthem to digitally crashing Putin’s yacht into Snake Island.”


Samsung confirms Galaxy source code breach but says no customer information was stolen

Cho Mu-Hyun

https://www.zdnet.com/article/samsung-confirms-galaxy-source-code-breach-but-says-no-customer-information-was-stolen/

Excerpt:

“Samsung on Monday confirmed that the company recently suffered a cyberattack, but said that it doesn't anticipate any impact on its business or customers.”


BBC targeted with 383,278 spam, phishing and malware attacks every day

https://www.helpnetsecurity.com/2022/03/07/bbc-malicious-email-attacks/

Excerpt:

“The BBC (British Broadcasting Corporation) were the target of nearly 50 million malicious email attacks between 1st October 2021 and the end of January 2022. This is according to official figures obtained via a Freedom of Information act (FOI) request, and analysed by a Parliament Street think tank.”


How frustrated and burned out are security analysts?

https://www.helpnetsecurity.com/2022/03/07/security-analysts-burnout/

Excerpt:

” Security analysts play a vital role ensuring that their organizations stay safe and secure. But barriers to their work, like a lack of staff, overwork, and tedious tasks are causing frustration and burnout, a Tines report reveals.”


Ukraine's 'IT army' targets Belarus railway network, Russian GPS

James Pearson

https://www.reuters.com/world/europe/ukraines-it-army-targets-belarus-railway-network-russian-gps-2022-03-03/

Excerpt:

“LONDON, March 3 (Reuters) - Ukraine's "IT army" of volunteer hackers announced a new set of targets on Thursday - including the Belarusian railway network and Russia's homegrown satellite-based navigation system, GLONASS.”


Hacktivists, cybercriminals switch to Telegram after Russian invasion

Bill Toulas

https://www.bleepingcomputer.com/news/security/hacktivists-cybercriminals-switch-to-telegram-after-russian-invasion/

Excerpt:

“Telegram messaging has taken a pivotal role in the ongoing conflict between Russia and Ukraine, as it is being massively used by hacktivists and cybercriminals alike.”


Researchers show they can steal data during homomorphic encryption

Matt Shipman

https://techxplore.com/news/2022-03-homomorphic-encryption.html

Excerpt:

“Homomorphic encryption is considered a next generation data security technology, but researchers have identified a vulnerability that allows them to steal data even as it is being encrypted.”


The biggest threat to ICS/OT is a lack of prioritization

https://www.helpnetsecurity.com/2022/03/03/cyber-attackers-ot-ics/

Excerpt:

“A SANS survey reveals that cyber attackers have demonstrated a robust understanding of operational technology (OT) and industrial control system (ICS) engineering and have conducted attacks that gain access and negatively impact operations and human safety.”


Phishing attacks hit all-time high in December 2021

https://www.helpnetsecurity.com/2022/03/03/phishing-attacks-december-2021/

Excerpt:

“APWG saw 316,747 phishing attacks in December 2021 — the highest monthly total observed since it begain its reporting program in 2004. Overall, the number of phishing attacks has tripled from early 2020.”


How to keep your medical device IP safe from cyber attacks

Guy Gilam

https://www.helpnetsecurity.com/2022/03/02/how-to-keep-your-medical-device-ip-safe-from-cyber-attacks/

Excerpt:

“Guarding intellectual property (IP) has always been a priority for medical device manufacturers as competitors and even nation states are constantly trying to compromise or steal IP.”


NVIDIA Confirms Employee Credentials Stolen in Cyberattack

Ionut Arghire

https://www.securityweek.com/nvidia-confirms-employee-credentials-stolen-cyberattack

Excerpt:

” NVIDIA this week acknowledged that employee credentials were stolen during a cyberattack on February 23 and confirmed the attackers have started leaking the information online.”


IoT security is foundational, not optional

https://www.helpnetsecurity.com/2022/03/01/securing-internet-of-things/

Excerpt:

“A PSA Certified report predicts that this year will mark a turning point in securing the Internet of Things (IoT), as the industry collectively commits to addressing the historic lag between the rate of digital transformation and the speed of securing the ecosystem.”