This Week in Cyberspace (5-11 February 2022)
What happened in the cyber world this week? The prominent cyber security news of the week is with you...
CISA Orders Federal Agencies to Patch Actively Exploited Windows Bug
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch their systems against an actively exploited Windows vulnerability that enables attackers to gain SYSTEM privileges.
FBI Shares Lockbit Ransomware Technical Details, Defense Tips
The Federal Bureau of Investigation (FBI) has released technical details and indicators of compromise associated with LockBit ransomware attacks in a new flash alert published this Friday.
Microsoft, Ukrayna’yı Hedefleyen Rus Hacking Kampanyasının Yeni Ayrıntılarını Ortaya Çıkardı
Microsoft on Friday shared more of the tactics, techniques, and procedures (TTPs) adopted by the Russia-based Gamaredon hacking group to facilitate a barrage of cyber espionage attacks aimed at several entities in Ukraine over the past six months.
BlackCat (ALPHV) Ransomware Linked to BlackMatter, DarkSide Gangs
The Black Cat ransomware gang, also known as ALPHV, has confirmed they are former members of the notorious BlackMatter/DarkSide ransomware operation.
Law Enforcement Action Push Ransomware Gangs to Surgical Attacks
The numerous law enforcement operations leading to the arrests and takedown of ransomware operations in 2021 have forced threat actors to narrow their targeting scope and maximize the efficiency of their operations.
New CapraRAT Android Malware Targets Indian Government and Military Personnel
A politically motivated advanced persistent threat (APT) group has expanded its malware arsenal to include a new remote access trojan (RAT) in its espionage attacks aimed at Indian military and diplomatic entities.
Microsoft Plans to Kill Malware Delivery via Office Macros
Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware.
Puma Hit by Data Breach After Kronos Ransomware Attack
Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021.
Google Sees 50% Security Boost for 150M Users After 2FA Enroll
After accelerating its efforts to auto-enroll as many accounts as possible in two-factor authentication (2FA), Google announced that an additional 150 million users now have 2FA enabled.
Windows 10 KB5010342 & KB5010345 Updates Released
The new update is now available for Windows 10 21H2, version 21H1, and version 20H2 As per the official release notes, Microsoft has published two main cumulative updates for Windows 10 - KB5010342 and KB5010345.
Molerats Hackers Deploy New Malware In Highly Evasive Campaign
The Palestinian-aligned APT group tracked as TA402 (aka Molerats) was spotted using a new implant named 'NimbleMamba' in a cyber-espionage campaign that leverages geofencing and URL redirects to legitimate websites.
CISA Warns Admins to Patch Maximum Severity SAP Vulnerability
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned admins to patch a set of severe security flaws dubbed ICMAD (Internet Communication Manager Advanced Desync) and impacting SAP business apps using Internet Communication Manager (ICM).
‘PHP Everywhere’ Eklentisindeki Kritik RCE Kusurları Binlerce WordPress Sitesini Etkiliyor
Critical security vulnerabilities have been disclosed in a WordPress plugin known as PHP Everywhere that's used by more than 30,000 websites worldwide and could be abused by an attacker to execute arbitrary code on affected systems.
FritzFrog Botnet Grows 10x, Hits Healthcare, Edu, and Govt Systems
The FritzFrog botnet that's been active for more than two years has resurfaced with an alarming infection rate, growing ten times in just a month of hitting healthcare, education, and government systems with an exposed SSH server.
Microsoft Fixes Defender Flaw Letting Hackers Bypass Antivirus Scans
Microsoft has recently addressed a weakness in the Microsoft Defender Antivirus on Windows that allowed attackers to plant and execute malicious payloads without triggering Defender's malware detection engine.
Hackers Planted Fake Digital Evidence on Devices of Indian Activists and Lawyers
A previously unknown hacking group has been linked to targeted attacks against human rights activists, human rights defenders, academics, and lawyers across India in an attempt to plant "incriminating digital evidence."
Sign up for the e-mail list to be informed about the developments in the cyber world and to be informed about the weekly newsletter.
Haber bültenine kaydolduğunuz için teşekkürler!
Something went wrong.
