Emergency updates: Adobe, Chrome patch security bugs under active attack
2022-02-16 21:25

Adobe has released an out-of-band security update for Adobe Commerce and Magento Open Source to address active exploitation of a known vulnerability, and Google has an emergency issue, too. "Adobe is aware that CVE-2022-24086 has been exploited in the wild in very limited attacks targeting Adobe Commerce merchants," the Silicon Valley stalwart said.

Researchers Link ShadowPad Malware Attacks to Chinese Ministry and PLA
2022-02-16 21:17

Cybersecurity researchers have detailed the inner workings of ShadowPad, a sophisticated and modular backdoor that has been adopted by a growing number of Chinese threat groups in recent years, while also linking it to the country's civilian and military intelligence agencies. ShadowPad is a modular malware platform that shares noticeable overlaps with the PlugX malware and has been put to use in high-profile attacks against NetSarang, CCleaner, and ASUS, causing the operators to shift tactics and update their defensive measures.

Massive LinkedIn Phishing, Bot Attacks Feed on the Job-Hungry
2022-02-16 21:15

Just since Feb. 1, analysts have watched phishing email attacks impersonating LinkedIn surge 232 percent, attempting to trick job seekers into giving up their credentials. The phishing emails themselves were convincing dupes, built in HTML templates with the LinkedIn logo, colors and icons, the report added.

Mozilla warns Chrome, Firefox ‘100’ user agents may break sites
2022-02-16 21:07

Mozilla is warning website developers that the upcoming Firefox 100 and Chrome 100 versions may break websites when parsing user-agent strings containing three-digit version numbers. Mozilla and Google will continue running experiments for version 100 user-agents until the browsers are released on March 29 for Chrome and May 3 for Firefox.

VMware fixes holes that could allow virtual machine escapes
2022-02-16 19:32

Acting now will almost certainly jump you ahead of the many inquisitive cybercriminals out there, given that none of the bugs patched in this update seem to be zero-day security holes. Both CVE-2022-22040 and CVE-2022-22021 are annotated with the comment that "a malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host."

New Windows 11 build brings back taskbar drag and drop support
2022-02-16 19:16

Microsoft has released a new Windows 11 build with a long list of improvements and fixes for known issues for all Windows Insiders who install the Windows 11 Insider Preview Build 22557, now available in the Dev Channel. Probably the most awaited change is the return of drag and drop support to the taskbar, which allows Windows 11 users to drag and drop files between apps by hovering the mouse over their taskbar icons.

FBI warns of BEC attackers impersonating CEOs in virtual meetings
2022-02-16 18:09

The Federal Bureau of Investigation warned today that US organizations and individuals are being increasingly targeted in BEC attacks on virtual meeting platforms. In a Public Service Announcement issued today, the FBI said it noticed scammers switching to virtual meeting platforms, matching the overall trend of businesses moving to remote work during the pandemic.

US says Russian state hackers breached defense contractors
2022-02-16 17:05

Russian-backed hackers have been targeting and compromising U.S. cleared defense contractors since at least January 2020 to gain access to and steal sensitive info that gives insight into U.S. defense and intelligence programs and capabilities. Since January 2020, Russian hacking groups have breached multiple CDC networks and, in some cases, have maintained persistence for at least six months, regularly exfiltrating hundreds of documents, emails, and other data.

Red Cross: State hackers breached our network using Zoho bug
2022-02-16 16:32

The International Committee of the Red Cross said today that the hack disclosed last month against its servers was a targeted attack likely coordinated by a state-backed hacking group. To breach the Red Cross servers, the threat actors used tactics and custom hacking tools "designed for offensive security" and obfuscation techniques to evade detection, usually linked to advanced persistent threat groups.