Security News > 2022 > February
South Korean researchers have spotted a new wave of activity from the Kimsuky hacking group, involving commodity open-source remote access tools dropped with their custom backdoor, Gold Dragon. A sophisticated threat actor may choose to use commodity RATs because, for basic reconnaissance operations, these tools are perfectly adequate and don't require much configuration.
Oh, blessed day: Microsoft's Patch Tuesday is a featherweight in comparison to some of its not-atypical, 10-ton security updates, with just 51 patches - none of them rated critical. February's patch-a-palooza is light not just in number of CVEs, but also in that it comes with nary a single patch that's labeled critical.
A Canadian who used the Netwalker ransomware to attack 17 organisations and had C$30m in cash and Bitcoin when police raided his house has been jailed for more than six years. Sebastien Vachons-Desjardins of Gatineau, Ottawa, was sentenced to six years and eight months in prison earlier this month after pleading guilty to five criminal charges in Ontario's Court of Justice.
February 2022 Patch Tuesday is here and it's all-around "Light" - light in fixed CVE-numbered vulnerabilities, extremely light in critical fixes, and light in exploited vulnerabilities. Mac users of Microsoft Outlook may also want to patch CVE-2022-23280, a feature bypass vulnerability, quickly.
Macro code from the internet will at last be turned off by default! If you've been in cybersecurity since the last millennium, you will certainly remember, and may still have occasional nightmares about, Microsoft Office macro viruses.
The new update is now available for Windows 10 21H2, version 21H1, and version 20H2 As per the official release notes, Microsoft has published two main cumulative updates for Windows 10 - KB5010342 and KB5010345. Like every Patch Tuesday, you can check for and install new updates by going to Settings, clicking on Windows Update, and selecting 'Check for Updates' to install the updates.
Microsoft has released the Windows 11 KB5010386 cumulative update with security updates, performance improvements, and fixes for an LDAP bug. Windows 11 users can install today's update by going to Start > Settings > Windows Update and clicking on 'Check for Updates.
Hackers have begun adapting to wider use of multi-factor authentication. Security researchers at Proofpoint are warning of a new threat that's only likely to become more serious as time goes on: Hackers who publish phishing kits are beginning to add multi-factor authentication bypassing capabilities to their software.
Today is Microsoft's February 2022 Patch Tuesday, and with it comes fixes for one zero-day vulnerability and a total of 48 flaws. Microsoft has fixed 48 vulnerabilities with today's update, with none of them classified as Critical.
The US Department of Justice announced that law enforcement seized billions worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. In 2016, the 119,756 bitcoins stolen during the attack were worth almost $78 million and are now valued at roughly $4.5 billion.