Microsoft App Store Sizzling with New ‘Electron Bot’ Malware
2022-02-24 18:42

As for its endgame, CPR researchers described the newly discovered and analyzed Electron Bot backdoor as "a modular SEO-poisoning malware" used "for social-media promotion and click fraud." Electron Bot can also promote online products: another way to generate PPC revenue or increase a store's rating for higher sales.

Cybersecurity: Don’t browse public Wi-Fi without a VPN
2022-02-24 18:10

In the remote working age, we're all spending more time on public Wi-Fi than we're used to. When you're on public Wi-Fi, you should take some basic precautions to ensure your connection is protected.

US and UK expose new malware used by MuddyWater hackers
2022-02-24 17:56

US and UK cybersecurity and law enforcement agencies today shared information on new malware deployed by the Iranian-backed MuddyWater hacking group in attacks targeting critical infrastructure worldwide. MuddyWater is "targeting a range of government and private-sector organizations across sectors-including telecommunications, defense, local government, and oil and natural gas-in Asia, Africa, Europe, and North America," the two governments said.

Microsoft Exchange servers hacked to deploy Cuba ransomware
2022-02-24 17:06

The Cuba ransomware operation is exploiting Microsoft Exchange vulnerabilities to gain initial access to corporate networks and encrypt devices. Cybersecurity firm Mandiant tracks the ransomware gang as UNC2596 and the ransomware itself as COLDDRAW. However, the ransomware is more commonly known as Cuba, which is how BleepingComputer will reference them throughout this article.

Kali Linux 2022.1 is your one-stop-shop for penetration testing
2022-02-24 16:56

Offensive Security recently unleashed the first iteration of Kali Linux for 2022.

US defense contractors hit by stealthy SockDetour Windows backdoor
2022-02-24 16:43

A new custom malware dubbed SockDetour found on systems belonging to US defense contractors has been used as a backup backdoor to maintain access to compromised networks. "SockDetour [...] serves as a backup backdoor in case the primary backdoor is detected and removed by defenders," Unit 42 explained.

Defense contractors hit by stealthy SockDetour Windows backdoor
2022-02-24 16:43

A newly discovered custom malware dubbed SockDetour has been found on systems belonging to US defense contractors and used as a backup backdoor to maintain access to compromised networks. "SockDetour [...] serves as a backup backdoor in case the primary backdoor is detected and removed by defenders," Unit 42 explained.

BlueVoyant pulls in another $250m in venture funding
2022-02-24 16:33

Cybersecurity firm BlueVoyant has taken $250m in a fresh funding round announced this week, pushing the company's valuation past the $1bn mark. BlueVoyant is led by Jim Rosenthal, formerly chief operating officer at Morgan Stanley.

Web Filtering and Compliances for Wi-Fi Providers
2022-02-24 16:06

While it is impossible to guarantee 100 percent protection on public Wi-Fi, certain measures can significantly reduce the risk of cyberthreats over the network, and most countries have started forcing Wi-Fi providers to include cybersecurity protection along with internet access in order to comply with the law. Web filtering is considered an all-in-one solution that protects users from cyberthreats while filtering unwanted content from the internet.

Ransomware used as decoy in data-wiping attacks on Ukraine
2022-02-24 15:39

The new data wiper malware deployed on Ukrainian networks in destructive attacks on Wednesday right before Russia invaded Ukraine earlier today was, in some cases, accompanied by a GoLang-based ransomware decoy. "In several attacks Symantec has investigated to date, ransomware was also deployed against affected organizations at the same time as the wiper. As with the wiper, scheduled tasks were used to deploy the ransomware," Symantec revealed today.