This Week in Cyberspace (12-18 March 2022)

What happened in the cyber world this week? The prominent cyber security news of the week is with you...

escobar google-authenticator

Android Malware Escobar Steals Your Google Authenticator MFA Codes

The Aberebot Android banking trojan has returned under the name 'Escobar' with new features, including stealing Google Authenticator multi-factor authentication codes.



OpenSSL Cert Parsing Bug Causes Infinite Denial of Service Loop

OpenSSL has released a security update to address a vulnerability in the library that, if exploited, activates an infinite loop function and leads to denial of service conditions.



New Linux Botnet Exploits Log4J, Uses DNS Tunneling for Comms

A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells, and acting as web traffic proxies.


fbi mfa

FBI Warns of MFA Flaw Used by State Hackers for Lateral Movement

The FBI says Russian state-backed hackers gained access to a non-governmental organization (NGO) cloud after enrolling their own device in the organization's Duo MFA following the exploitation of misconfigured default multifactor authentication (MFA) protocols.



HackerOne Apologizes to Ukrainian Hackers for Mistakenly Blocking Payouts

Today, Chris Evans, the CISO of bug bounty platform HackerOne, apologized to Ukrainian hackers after the company erroneously blocked their bug bounty payouts following sanctions imposed on Russia and Belarus in the wake of Ukraine's invasion.



Hundreds of GoDaddy-Hosted Sites Backdoored In a Single Day

Internet security analysts have spotted a spike in backdoor infections on WordPress websites hosted on GoDaddy's Managed WordPress service, all featuring an identical backdoor payload.


fidye yazılımı

Microsoft Defender Tags Office Updates as Ransomware Activity

Windows admins were hit today by a wave of Microsoft Defender for Endpoint false positives where Office updates were tagged as malicious in alerts pointing to ransomware behavior detected on their systems.



CISA, FBI Warn US Critical Orgs of Threats to SATCOM Networks

CISA and the FBI said today they're aware of "possible threats" to satellite communication (SATCOM) networks in the US and worldwide.



Google Uncovers 'Initial Access Broker' Working with Conti Ransomware Gang

Google's Threat Analysis Group (TAG) took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations.


If you are interested in this content, you can follow my LinkedIn and Twitter accounts and access more content.

Join our list

Sign up for the e-mail list to be informed about the developments in the cyber world and to be informed about the weekly newsletter.

Haber bültenine kaydolduğunuz için teşekkürler!

Something went wrong.

Leave a Comment

This Week in Cyberspace (12-18 March 2022)

2 min