Security News > 2022 > February

A peer-to-peer Golang botnet has resurfaced after more than a year to compromise servers belonging to entities in the healthcare, education, and government sectors within a span of a month, infecting a total of 1,500 hosts. The botnet is dubbed FritzFrog. "The decentralized botnet targets any device that exposes an SSH server - cloud instances, data center servers, routers, etc. - and is capable of running any malicious payload on infected nodes," Akamai researchers said in a report shared with The Hacker News.

Trend Micro has published research revealing that persistently low IT/C-suite engagement may imperil investments and expose organizations to increased cyber risk. "Now it can be hours, or even sooner. More executives than ever understand that they have a responsibility to be informed, but they often feel overwhelmed by how rapidly the cybersecurity landscape evolves. IT leaders need to communicate with their board in such a way that they can understand where the organization's risk is and how they can best manage it."

Zero trust adoption will continue to mature, with 78 percent of firms planning to bolster zero trust security operations in the new year. Implementing zero trust technologies can address emerging security gaps, but most enterprises are still in early stages of adoption.

80% of critical infrastructure organizations experienced a ransomware attack in the last year, with an equal number reporting that their security budgets have risen since 2020, a Claroty report reveals. The report is based on an independent global survey of 1,100 information technology and operational technology professionals who work in critical infrastructure sectors, exploring how they have dealt with the significant challenges in 2021, their levels of resiliency, and priorities moving forward.

Nations running online foreign influence campaigns have turned to dating apps to recruit people privy to sensitive information, according to the director general of the Australian Security and Intelligence Organisation, the nation's security agency directed against external threats and a key partner in the Five Eyes security alliance. "In the last two years, thousands of Australians with access to sensitive information have been targeted by foreign spies using social media profiles," revealed ASIO supremo Mike Burgess during his third annual threat assessment address on Wednesday.

The report found that of companies using multiple cloud platforms, 48% are also taking a hybrid approach by utilizing both public and private clouds. To get a better understanding of what these multi and hybrid cloud environments look like, and to identify the common challenges and opportunities shared by developers, IT teams, and companies working to become cloud-native, 416 US and UK IT decision-makers were surveyed in Q4 2021.

The data center interconnect market is projected to grow from $8.6 billion in 2021 to $17 billion by 2026, at a CAGR of 14.5% from 2021 to 2026, according to ResearchAndMarkets. The high initial investment required to set up data centers is a prominent factor limiting the growth of the data center interconnect market.

A special law enforcement operation undertaken by Russia has led to the seizure and shutdown of four online bazaars that specialized in the theft and sales of stolen credit cards, as the government continues to take active measures against harboring cybercriminals on its territory. Ferum Shop, active since October 2013, made as much as $256 million in Bitcoin from stolen card sales, accounting for nearly 17% of the stolen credit card market.

Microsoft on Monday said it's taking steps to disable Visual Basic for Applications macros by default across its products, including Word, Excel, PowerPoint, Access, and Visio, for documents downloaded from the web in an attempt to eliminate an entire class of attack vector. "Bad actors send macros in Office files to end users who unknowingly enable them, malicious payloads are delivered, and the impact can be severe including malware, compromised identity, data loss, and remote access," Kellie Eickmeyer said in a post announcing the move.

Critical security vulnerabilities have been disclosed in a WordPress plugin known as PHP Everywhere that's used by more than 30,000 websites worldwide and could be abused by an attacker to execute arbitrary code on affected systems. PHP Everywhere is used to flip the switch on PHP code across WordPress installations, enabling users to insert and execute PHP-based code in the content management system's Pages, Posts, and Sidebar.