Security News > 2022 > February

The UK's National Cyber Security Centre just published guidance on how to combat smishing that's useful for businesses and customers alike. If you're a company, don't ask for personal details by text.

The Computer Emergency Response Team of Ukraine warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. The phishing emails are being sent from two domains, the former trying to impersonate the i.ua free Internet portal providing email services to Ukrainians since 2008.

Microsoft says Windows Server security updates released on and since the January 2022 Patch Tuesday might prevent applications and network appliances from creating Netlogon secure channels if installed on domain controllers. Netlogon is a remote procedure call interface and Windows Server process that authenticates services and users on Windows domain-based networks.

Cignpost Diagnostics, which trades as ExpressTest and offers £35 tests for holidaymakers, said it holds the right to analyse samples from seals to "learn more about human health" - and sell information on to third parties. Individuals are required to give informed consent for their sensitive medical data to be used, but customers' consent for their DNA to be sold was buried in Cignpost's online documents.

Microsoft says Windows customers might find that some of their files are not deleted after resetting their Windows devices with the "Remove everything" option. "When attempting to reset a Windows device with apps which have folders with reparse data, such as OneDrive or OneDrive for Business, files which have been downloaded or synced locally from OneDrive might not be deleted when selecting the 'Remove everything' option," Microsoft explains on the Windows health dashboard.

Infosec researcher Rob Dyke, best known to Reg readers for fending off legal threats from not-for-profit open-source foundation Apperta after finding a data breach, has visited Parliament to demand Computer Misuse Act reform. The security researcher's highly eventful attempt at vulnerability disclosure to Apperta last year resulted in him having to spend £25,000 to see off the open-source org's legal threats, though a crowdfunding campaign helped with the bulk of his legal fees.

Researchers from China's Pangu Lab have disclosed details of a "top-tier" backdoor put to use by the Equation Group, an advanced persistent threat with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency. Equation Group's malware toolset became public knowledge in 2016 when a group calling itself the Shadow Brokers leaked the entire tranche of exploits used by the elite hacking team, with Kaspersky uncovering code-level similarities between the stolen files and samples identified as used by the threat actor.

A notification from the U.S. Cybersecurity and Infrastructure Security Agency warns that threat actors are exploiting vulnerabilities in the Zabbix open-source tool for monitoring networks, servers, virtual machines, and cloud services. The agency is asking federal agencies to patch any Zabbix servers against security issues tracked as CVE-2022-23131 and CVE-2022-23134, to avoid "significant risk" from malicious cyber actors.

DevOps and continuous delivery have revolutionized software development and productivity over the last decade. As robust and resilient as today's development pipelines are, it's become increasingly clear that they can be derailed by a comparatively simple security incident.