Security News > 2022 > April

Microsoft has announced a months-long effort to take control of 65 domains that the ZLoader criminal botnet gang has been using as command-and-control servers. The tech giant's Digital Crimes Unit obtained a court order to take down the domains, which are now directed to a Microsoft-controlled sinkhole so they can't communicate with the botnet.

A new survey from the Cloud Security Alliance found that IT teams don't have a complete picture of SaaS in use by business units. Too many departments with access to SaaS security settings: 35%. Lack of visibility into changes into the SaaS security settings: 34%. Forty percent of respondents said that business departments, such as legal, marketing and sales, have access to security settings.

Microsoft has increased the maximum awards for high-impact security flaws reported through the Microsoft 365 and the Dynamics 365 / Power Platform bug bounty programs. With the expansion of these two programs, security researchers reporting Office 365 and Microsoft Account service vulnerabilities can earn up to 30% for eligible scenarios.

A new information-stealing malware called ZingoStealer has been discovered with powerful data-stealing features and the ability to load additional payloads or mine Monero. The new malware was created and released for free by a group of threat actors named the "Haskers Gang," who recently attempted to sell its source code for $500. Soon after researchers at Cisco Talos spotted that offering, ZingoStealer changed hands and was transferred to a new threat actor who will undertake the development effort.

The Treasury Department's Office of Foreign Assets Control has sanctioned the address that received the cryptocurrency stolen in the largest cryptocurrency hack ever, the hack of Axie Infinity's Ronin network bridge. The Federal Bureau of Investigation said two North Korean hacking groups, Lazarus and BlueNorOff, were behind last month's Ronin hack.

The Treasury Department's Office of Foreign Assets Control has sanctioned the address that received the cryptocurrency stolen in the largest cryptocurrency hack ever, the hack of Axie Infinity's Ronin network bridge. Blockchain data platform Chainalysis first spotted that a new ETH address added by OFAC to the SDN list as part of a Lazarus Group update was also used in March to collect the ETH and USDC tokens stolen in the Ronin hack.

The Treasury Department's Office of Foreign Assets Control has updated its Specially Designated Nationals list with new information linking the North Korean-backed Lazarus Group APT to the largest cryptocurrency hack in history. Blockchain data platform Chainalysis first spotted that a new ETH address added by OFAC to the SDN list as part of the Lazarus Group entry was also used in March to collect the ETH and USDC tokens stolen during the Axie Infinity's Ronin bridge hack.

Atlassian has finally revealed the exact cause of an ongoing cloud services outage the company estimates could impact some of its customers for up to two more weeks. When we first reported on this outage, Atlassian told us that a routine maintenance script blocked some customers' access to their data after "Unintentionally" disabled the sites of roughly 400 out of its over 200,000 customers.

This is a current list of where and when I am scheduled to speak: I’m speaking at Future Summits in Antwerp, Belgium on May 18, 2022. I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022. I’m...

Threat actors have built and are ready to deploy tools that can take over a number of widely used industrial control system devices, which spells trouble for critical infrastructure providers-particularly those in the energy sector, federal agencies have warned. In a joint advisory, the Department of Energy, the Cybersecurity and Infrastructure Security Agency, the National Security Agency and the FBI caution that "Certain advanced persistent threat actors" have already demonstrated the capability "To gain full system access to multiple industrial control system/supervisory control and data acquisition devices," according to the alert.