Security News > 2022 > February

A sophisticated phishing campaign directed at a "Major, publicly traded integrated payments solution company located in North America" made use of DocuSign and a compromised third party's email domain to skate past email security measures, researchers said. The campaign spread seemingly innocuous emails around the company, with the goal of stealing Microsoft login credentials, researchers at Armorblox revealed.

A malware named Electron Bot has found its way into Microsoft's Official Store through clones of popular games such as Subway Surfer and Temple Run, leading to the infection of roughly 5,000 computers in Sweden, Israel, Spain, and Bermuda. The operation was first discovered at the end of 2018 when an early Electron Bot variant was submitted to the Microsoft Store as "Album by Google Photos," published by a spoofed Google LLC entity.

Krazy Glue of the internet Cloudflare has buffed up its email security with the purchase of anti-phishing firm Area 1. Area 1 Security is all about pre-emptively tracking phishing campaigns and preventing customer mailboxes being troubled thanks to its INBOX.CLEAN product.

An ongoing large-scale phishing campaign is targeting customers of Citibank, requesting recipients to disclose sensitive personal details to lift alleged account holds. The campaign uses emails that feature CitiBank logos, sender addresses that look genuine at first glance, and content that is free of typos.

Cybersecurity firms ESET and Broadcom's Symantec said they discovered a new data wiper malware used in fresh attacks against hundreds of machines in Ukraine, as Russian forces formally launched a full-scale military operation against the country. The Slovak company dubbed the wiper "HermeticWiper", with one of the malware samples compiled on December 28, 2021, implying that preparations for the attacks may have been underway for nearly two months.

ASUSTOR network-attached storage devices have become the latest victim of Deadbolt ransomware, less than a month after similar attacks singled out QNAP NAS appliances. The attacks primarily affect internet-exposed ASUSTOR NAS models running ADM operating systems including, but not limited to, AS5104T, AS5304T, AS6404T, AS7004T, AS5202T, AS6302T, and AS1104T. Much like the intrusions targeting QNAP NAS devices, the threat actors claim to be using a zero-day vulnerability to encrypt ASUSTOR NAS devices, demanding that victims pay 0.03 bitcoins to recover access.

Intelligence agencies in the U.K. and the U.S. disclosed details of a new botnet malware called Cyclops Blink that's been attributed to the Russian-backed Sandworm hacking group and deployed in attacks dating back to 2019. "Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home office routers, and network-attached storage devices," the agencies said.

Renewed DDoS attacks have been launched against websites Ukrainian government agencies and banks. New data wiper malware has been discovered on Ukrainian computers, as well as machines in Latvia and Lithuania.

Gemma Brett, a 27-year-old designer from west London, had only been working at Madbird for two weeks when she spotted something strange. The result looked nothing like the videos on Madbird's website of a sleek workspace buzzing with creative-types.

What are the main challenges of exchanging sensitive information using encryption? This takes us into a second challenge affecting the effective exchange of sensitive information using encryption - compliance.