Security News > 2022 > April

Cybersecurity researchers have uncovered further links between BlackCat and BlackMatter ransomware families, the former of which emerged as a replacement following international scrutiny last year. "At least some members of the new BlackCat group have links to the BlackMatter group, because they modified and reused a custom exfiltration tool and which has only been observed in BlackMatter activity," Kaspersky researchers said in a new analysis.

A number of rogue Android apps that have been cumulatively installed from the official Google Play Store more than 50,000 times are being used to target banks and other financial entities. Like other Android banking trojans, the rogue apps are nothing more than droppers, whose primary function is to deploy the malicious payload embedded within them.

Imperva has published data showing that organizations are failing to address the issue of insider threats during a time when the risk is at its greatest. New research, conducted by Forrester, found that 59% of incidents in EMEA organizations that negatively impacted sensitive data in the last 12 months were caused by insider threats, yet 59% do not prioritize insider threats the way they prioritize external threats.

China has been accused of conducting a long-term cyber attack on India's power grid, and has been implicated in cyber attacks against targets in Ukraine. Cybersecurity firm Insikt Group found network intrusions at seven Indian State Load Dispatch Centers that conduct real-time operations for grid control and electricity dispatch, according to a report released Wednesday.

March Patch Tuesday releases followed in the footsteps of February with low numbers of CVEs reported and resolved, and all updates rated as important except one critical update for Microsoft Exchange Server. Could April Patch Tuesday provide the deluge of critical updates we were expecting last month?

In this video for Help Net Security, Paul Calatayud, CISO at Aqua Security, talks about cloud native security and the problem with the lack of understanding of risks to this environment. A recent survey of over 100 cloud professionals revealed that businesses often lead the charge in cloud: they see the opportunity and move forward, but more and more critical compute finds its way into these cloud environments, and security teams start to take notice.

A WatchGuard report shows a record number of evasive network malware detections with advanced threats increasing by 33%, indicating a higher level of zero day threats than ever before. Researchers detected malware threats in EMEA at a much higher rate than other regions of the world in Q4 2021, with malware detections per Firebox at 49%, compared to Americas at 23% and APAC at 29%. The trajectory of network intrusion detections also continued its upward climb with the largest total detections of any quarter in the last three years and a 39% increase quarter over quarter.

Black Kite released a report that examines rising cyber risk concerns and ransomware susceptibility in the insurance sector. The most notable takeaway: nearly 20% of the top 99 insurance carriers have a high susceptibility to ransomware.

New research, conducted by Forrester, found that 59% of incidents in EMEA organizations that negatively impacted sensitive data in the last 12 months were caused by insider threats, and yet 59% do not prioritize insider threats the way they prioritize external threats. 70% of organizations do not have an insider risk management strategy or policy, and a majority do not have a dedicated insider threat team.

Invicti Security released research that reveals a rise in severe web vulnerabilities and the need for executive leaders to intertwine their application security and digital transformation efforts to reduce risk. The report examines web vulnerabilities from over 939 customers worldwide and was derived from the largest data set yet, with more than 23 billion security checks executed on customer applications uncovering over 282,000 direct-impact vulnerabilities.