Security News > 2022 > March

Aon, the British-American provider of insurance and pension administration, has brought in external specialists to help probe a "Cyber incident". In addition to broader risk insurance options, Aon sells cyber insurance policies and related solutions to customers, including Cyber Risk Financing, Cyber Impact Analysis, Security Testing, Incident Response Retainers, and Stroz Friedberg Digital Forensics.

Microsoft shared info on a now-fixed known issue leading to Local Security Authority Subsystem Service crashes and Windows Server domain controller. As Microsoft explains in a new entry added to the Window Health dashboard, unexpected restarts are triggered on Windows Servers domain controllers after installing updates released during the January 2021 Patch Tuesday.

The development follows Ukraine's successful effort of raising over $37 million in crypto donations from all around the world amid the country's ongoing invasion by Russian troops. 'Help Ukraine' crypto donation scams on the rise.

Ransomware encrypts data and demands a ransom in exchange for decryption. As data recovery is impossible if the encryption key is not obtained, some companies suffer from considerable damage, such as the payment of huge amounts of money or the loss of important data.

Phishing emails to Microsoft users warning of Moscow-led account hacking have started to make the rounds, looking to lift credentials and other personal details. That's according to Malwarebytes, which uncovered a spate of spam email that name-checks Russian hacking efforts.

Twitter account of former intelligence specialist, Reality Winner was hacked over the weekend by threat actors looking to target journalists at prominent media organizations. Hackers took over Winner's verified Twitter account and changed the profile name to "Feedback Team" to impersonate Twitter staff before sending out suspicious DMs to verified users.

Even as the TrickBot infrastructure closed shop, the operators of the malware are continuing to refine and retool their arsenal to carry out attacks that culminated in the deployment of Conti ransomware. IBM Security X-Force, which discovered the revamped version of the criminal gang's AnchorDNS backdoor, dubbed the new, upgraded variant AnchorMail.

Emotet is a sophisticated, constantly changing modular botnet. On November 14, 2021, Emotet was reborn with a new version.

The All-In-One 2022 Super-Sized Ethical Hacking Bundle helps you gain both, with 18 courses covering all aspects of cybersecurity. The purpose of ethical hacking is to find weaknesses in the system that a malicious hacker may exploit.

The United States' Cybersecurity and Infrastructure Security Agency, working with security vendor Symantec, has found an extremely sophisticated network attack tool that can invisibly create backdoors, has been plausibly linked to Chinese actors, and may have been in use since 2013. Symantec's threat hunting team has named the malware "Daxin" and described it as "a stealthy backdoor designed for attacks on hardened networks".