Security News > 2022 > April

A prolific threat group known for deploying distributed denial-of-service and cryptomining attacks is running a new botnet that is built using the Linux-based Gafgyt source code along with some code from the Mirai botnet malware. Keksec is using the Enemybot malware as a classic botnet, rolling up compromised Internet of Things devices into a larger botnet that can be used to launch DDoS attacks.

CISA adds 8 known security vulnerabilities as priorities to patch. The Cybersecurity & Infrastructure Security Agency, or CISA, maintains a database of known security vulnerabilities.

After a hefty Patch Tuesday comes news of an update for Git to deal with a vulnerability for the source shack when run on Microsoft's Windows. The update is solely concerned with CVE-2022-24765, an interesting bug which afflicts the Git for Windows fork of Git.

A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used. ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two weeks The attack used ICS-capable malware and regular disk wipers for Windows, Linux and Solaris operating systems We assess with high confidence that the attackers used a new version of the Industroyer malware, which was used in 2016 to cut power in Ukraine We assess with high confidence that the APT group Sandworm is responsible for this new attack Posted on April 13, 2022 at 6:32 AM 0 Comments.

Splunk and Enterprise Strategy Group have released a research report examining the security issues facing modern enterprises. More than 1,200 security leaders participated in the survey and revealed that they've seen an increase in cyberattacks at the same time as their teams face widening talent gaps.

Cynet, a cybersecurity company, is hosting an upcoming webinar in partnership with Enterprise Strategy Group that will explore how choosing the right XDR can be impactful for companies lean security teams. How Cynet 360 AutoXDR™ is purpose-built to enhance and simplify cybersecurity for lean security teams with limited budgets, people and skills.

In this video for Help Net Security, Kurt Seifried, Chief Blockchain Officer and Director of Special Projects at Cloud Security Alliance, talks about the state of open source security in 2022. Open source is everywhere, it's in everything, and everyone is using it.

Investment firm KKR has acquired Barracuda Networks from private equity firm Thoma Bravo. Barracuda makes security products that cover email protection, application security, network security and data.

If you're a cloud service vendor, you should be prepared to answer this question from your customers: How can you prove your security and privacy practices are truly secure? An external review validates your existing security practices.

Chinese telecom giant Huawei has issued a mandatory month-long furlough to some of its Russia-based staff and suspended new orders, according to Russian media. The business mag also reported that Chinese nationals working for Huawei Russia are still going to the office.