Fake Windows 10 updates infect you with Magniber ransomware
2022-04-30 14:18

Fake Windows 10 updates are being used to distribute the Magniber ransomware in a massive campaign that started earlier this month. While researching the campaign, we discovered a topic in our forums where readers report becoming infected by the Magniber ransomware after installing what is believed to be a Windows 10 cumulative or security update.

Atlassian doubles the number of orgs affected by two week outage
2022-04-30 13:16

As the company's Chief Technology Officer Sri Viswanath revealed on April 14th, nine days after the incident started, a maintenance script accidentally wiped hundreds of customer sites due to communication issues between two Atlassian teams working on deactivating a legacy app. The 14-day-long outage impacted a very small set of Atlassian customers between April 5th and April 18th. The first set of impacted sites was restored by April 8th and the rest of the affected customer sites by April 18th. During the incident, the following Atlassian products were unavailable for impacted customers: the entire Jira family of products, Confluence, Atlassian Access, Opsgenie, and Statuspage.

Facebook's Meta, tracking code, and the student financial aid website
2022-04-30 11:00

Meta's Facebook subsidiary has been collecting hashed personal data from students seeking US government financial aid, even from those without a Facebook account and those not logged into the student aid website, according to a research study published this week. News non-profit The Markup, working with Mozilla via its Rally data monitoring extension, found that the Meta pixel code has been gathering digital fingerprints representing the first name, last name, phone number, zip code, and email address of students filling out the Free Application for Federal Student Aid, or FAFSA, on the US Department of Education's StudentAid.

Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In
2022-04-30 00:59

India's computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. "Any service provider, intermediary, data center, body corporate and Government organization shall mandatorily report cyber incidents to CERT-In within six hours of noticing such incidents or being brought to notice about such incidents," the government said in a release.

Protect your environment with deception and honeytokens
2022-04-29 22:39

Deception technology works best when it is difficult to remotely tell the difference between a real system and something that is fake, he explained. That way, the attacker wastes time on the decoy. "Either way the goal of deception technology is to significantly increase the costs for the attacker whilst reducing that of the defender," said Bevington.

The Week in Ransomware - April 29th 2022 - New operations emerge
2022-04-29 22:29

This week we have discovered numerous new ransomware operations that have begun operating, with one appearing to be a rebrand of previous operations. We also learned of a new ransomware gang called Black Basta that has quickly accumulated victims while, for the most part, staying under the radar until this week.

Data-wiper malware strains surge as Ukraine battles ongoing invasion
2022-04-29 22:11

One of the wipers also took wind turbines in Germany offline, with satellite communication modems in Ukraine seemingly being the primary target in this specific attack. While the wipers have primarily targeted Ukrainian organizations to date, as the illegal and bloody Russian invasion of Ukraine continues, cybersecurity and law enforcement agencies warn that Kremlin-backed crime gangs may turn their destructive attacks toward Western governments and companies.

Why you need secured-core Windows servers
2022-04-29 21:39

That's where secured-core server comes in, using hardware-based security tools to protect your servers right from the moment they start to boot. Secured-core systems need a second-generation TPM. The first and most obvious task is using the TPM to ensure the integrity of a server's BIOS and firmware, using pre-loaded signatures.

Friday Squid Blogging: Ten-Foot Long Squid Washed onto Japanese Shore — ALIVE
2022-04-29 21:08

An about 3-meter-long giant squid was found stranded on a beach here on April 20, in what local authorities said was a rare occurrence. At around 10 a.m., a nearby resident spotted the squid at Ugu beach in Obama, Fukui Prefecture, on the Sea of Japan coast.

Survey: Recovery from Log4Shell vulnerability is ongoing with 77% of organizations still in patching mode
2022-04-29 20:54

In March 2022, Valtix worked with an independent research firm to survey 200 cloud security leaders to understand how the vulnerability has influenced security teams.