Security News > 2022 > February

Among its findings, the research reports that despite a community reckoning to ban ransomware activity from online forums, hacker groups used alternate personas to continue to proliferate the use of ransomware against an increasing spectrum of sectors - hitting the financial, utilities and retail sectors most often, accounting for nearly 60% of ransomware detections. "While we ended 2021 focused on a resurgent pandemic and the revelations around the Log4j vulnerability, our third-quarter deep dive into cyber threat activity found notable new tools and tactics among ransomware groups and advanced global threat actors," said Raj Samani, Chief Scientist and Fellow at Trellix.

Keyavi Data issued a set of best practices for keeping personal and business data out of criminal hands using multi-factor authentication. These best practices explain why MFA remains one of the best defenses for mitigating password risk and preventing cyber criminals from exploiting user credentials.

ESG as a box-ticking exercise: 40% of risk professionals view their organization's current ESG strategy as a box-ticking exercise, rather than driving real impact. Risk at the board level: risks that are currently top of mind at board meetings are regulatory changes and compliance; human capital, including talent management, retention and recruitment; and lack of diversity within the board or management team.

The growing impetus of the Global Network-as-a-Service Market is attributed to increasing adoption of cloud services among enterprises and growth in software-defined networking. Readiness towards the implementation and acceptance of advanced technology, strong research and development in the telecom industry, the surge in the number of cloud-based services and other factors are driving the Network as a Service market.

The United States Federal Communications Commission has revealed that carriers have applied for $5.6 billion in funding to rip and replace China-made communications kit. The applications were made under the Secure And Trusted Communications Reimbursement Program, which offers to reimburse carriers with under ten million subscribers to ditch kit from Chinese manufacturers Huawei and ZTE. The FCC and Congress want them to do so because the USA fears made-in-China comms kit contains backdoors that Beijing could exploit to either eavesdrop on communications or cut them off entirely.

Systems hosting content pertaining to the National Games of China were successfully breached last year by an unnamed Chinese-language-speaking hacking group. Cybersecurity firm Avast, which dissected the intrusion, said that the attackers gained access to a web server 12 days prior to the start of the event on September 3 to drop multiple reverse web shells for remote access and achieve a permanent foothold in the network.

The current device discovery solutions have been mainly focused on identifying and monitoring servers, workstation PCs, laptops and infrastructure devices such as network firewalls, switches and routers, because the most valuable information assets of organizations are being stored, processed and transferred over those devices, hence making them the prime target of security breaches and intrusions. Accurate identification of connected device manufacturer, model name, device type, device end of life status, firmware version, and firmware release date.

A Chinese advanced persistent threat group has been targeting Taiwanese financial institutions as part of a "persistent campaign" that lasted for at least 18 months. The intrusions, whose primary intent was espionage, resulted in the deployment of a backdoor called xPack, granting the adversary extensive control over compromised machines, Broadcom-owned Symantec said in a report published last week.

The U.S. Cybersecurity and Infrastructure Security Agency is urging federal agencies to secure their systems against an actively exploited security vulnerability in Windows that could be abused to gain elevated permissions on affected hosts. To that end, the agency has added CVE-2022-21882 to the Known Exploited Vulnerabilities Catalog, necessitating that Federal Civilian Executive Branch agencies patch all systems against this vulnerability by February 18, 2022.

Users of the Argo continuous deployment tool for Kubernetes are being urged to push through updates after a zero-day vulnerability was found that could allow an attacker to extract sensitive information such as passwords and API keys. The path-traversal vulnerability "allows malicious actors to load a Kubernetes Helm Chart YAML file to the vulnerability and 'hop' from their application ecosystem to other applications' data outside of the user's scope," Moshe Zioni, Apiiro's VP of security research, said.