Security News > 2022 > April

Shuckworm's attacks are part of an ongoing campaign by Russian state-sponsored threat groups that escalated their efforts in the run-up to the invasion of Ukraine in late February, and have continue their attacks since. The Security Service of Ukraine last year said the group was responsible for more than 5,000 attacks against public agencies or critical infrastructure and linked Shuckworm to the FSB, Russia's security service and successor to the KGB. The SSU said the group targeted more than 1,500 government computer systems over seven years.

Microsoft Defender for Endpoint has been tagging Google Chrome updates delivered via Google Update as suspicious activity due to a false positive issue. According to Windows system admins reports [1, 2, 3, 4], the security solution began marking Chrome updates as suspicious starting last evening.

Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportiona votes based on the amount of currency they own. A clever hacker used a "Flash loan" feature of another decentralized finance project to borrow enough of the currency to give himself a controlling stake, and then approved a $182 million transfer to his own wallet.

VPN: Get three years of this top-rated cybersecurity service on sale We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. One of the most common cybersecurity tools you can use is a VPN, and you don't have to stretch your budget or have any kind of technical know-how to employ one.

Brave, the maker of the homonymous web browser, has announced a new feature called Discussions that adds conversations from online forums to its privacy-focused search engine. Until now, Brave Search was limited to website content that can be vague, generic, low quality, and only appear high in results due to SEO optimization.

The number of phishing attacks worldwide jumped 29 percent last year as threat actors countered stronger enterprise defenses with newer methods, according to researchers with Zscaler's ThreatLabz research team. While the United States remained the country with the most phishing attempts, others are seeing faster growth in the number of incidents - exploiting new vectors like SMS and lowering the barrier of entry for launching attacks through pre-built tools made available on the market.

Google Project Zero reported 58 exploited zero-day vulnerabilities in 2021, a record in the short time the team of security researchers has been keeping tabs. In a year-in-review report on the number instances a zero-day bug has been exploited in the wild, researchers noted the number a twofold jump in detected flaws since 2020.

Enjoy extra home security with this budget-friendly smart camera We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. Home security can be expensive and difficult to maintain.

Cybercriminals are finding new ways to target cloud environments. To up their game, attackers are adopting more advanced and sophisticated methods to target sensitive and vulnerable cloud native environments.

Threat analysts report that the Russian state-sponsored threat group known as Gamaredon is launching attacks against targets in Ukraine using new variants of the custom Pteredo backdoor. According to a report by Symantec, who tracks the group as Shuckworm, the actor is currently using at least four variants of the "Pteredo" malware, also tracked as Pteranodon.