Security News > 2022 > February

Wormhole - a web-based blockchain "Bridge" that enables users to convert cryptocurrencies - said on Thursday that "All funds are safe" after attackers abused a vulnerability to shake it down for 120,000 Ethereum. The popular bridge, which connects Ethereum, the Solana blockchain and more, has reportedly been trying to negotiate on-chain with the attacker since Wednesday's attack.

Is the biggest threat to your data a mysterious ransomware merchant or an advanced persistent threat cartel? The incident shows how today's cloud infrastructure can exacerbate security gaps and why simply detecting a potential data leak isn't enough.

Target, one of the largest American department store chains and e-commerce retailers, has open sourced 'Merry Maker' - its years-old proprietary scanner for payment card skimming. A skimmer is malicious code injected into shopping sites to steal customers' credit card data at checkout.

Some of Britain's favourite pub munch could end up in short supply after KP Snacks, makers of nuts and crisps, suffered a ransomware attack. Kenyon Produce, to give the company its formal name, wrote to small shops around the UK saying it had been infected with ransomware on 28 January, as reported by industry news site Better Retailing.

Some of Britain's favourite pub munch could end up in short supply after KP Snacks, makers of nuts and crisps, suffered a ransomware attack. Kenyon Produce, to give the company its formal name, wrote to small shops around the UK saying it had been infected with ransomware on 28 January, as reported by industry news site Better Retailing.

Symantec finds evidence of continued Russian hacking campaigns in Ukraine. Security researchers at Symantec have presented what they said is further evidence that the Russian advanced persistent threat hacking team known as Shuckworm has been actively waging a cyber espionage campaign against organizations in Ukraine.

The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021. "The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.

Office 365 and Azure Active Directory customers were the targets of billions of phishing emails and brute force attacks successfully blocked last year by Microsoft. "From January 2021 through December 2021, we've blocked more than 25.6 billion Azure AD brute force authentication attacks and intercepted 35.7 billion phishing emails with Microsoft Defender for Office 365," said Vasu Jakkal, Microsoft's Corporate Vice President for Security, Compliance, and Identity.

Bring a burner to the Olympics, and other mobile device travel safety tips. In order to know what's awaiting you in regards to privacy laws, Turner recommends checking the U.S. State Department Travel Advisory website for a quick rundown of any legal differences you may run into while abroad. As for universally applicable safety tips for protecting your mobile devices and data, Turner and Forrester security and risk analyst Allie Mellen both have tips.

A state-backed Chinese APT actor tracked as 'Antlion' has been using a new custom backdoor called 'xPack' against financial organizations and manufacturing companies. Details from one attack show that the threat actor spent 175 days on the compromised network.