Security News > 2022 > April

US government officials announced today the disruption of the Cyclops Blink botnet linked to the Russian-backed Sandworm hacking group before it was used in attacks. The malware, used by Sandworm to create this botnet since at least June 2019, is targeting WatchGuard Firebox firewall appliances and multiple ASUS router models.

A former employee with Block used the digital financial services firm's Cash App products to access and download personal information about US customers in December 2021, the firm has claimed. In a filing this week with the Securities and Exchange Commission, Block officials alleged the ex-employee on December 10 downloaded reports of the company's Cash App Investing subsidiary.

NET Framework versions signed using the insecure Secure Hash Algorithm 1 will reach their end of life this month. NET. "On April 26, 2022, the.NET Framework 4.5.2, 4.6, and 4.6.1 will reach end of support, and after this date, Microsoft will no longer provide updates including security fixes and technical support for these versions," Microsoft said in a Windows message center update.

FinFisher has shut down operations. This is the spyware company whose products were used, among other things, to spy on Turkish and Bahraini political opposition.

AMD is investigating an issue in its GPU software suite that causes an auto-adjustment of AMD Ryzen CPU performance settings for users without permission. The chipmaker confirmed the GPU driver bug to Tom's Hardware via a generic statement that didn't give many details, mitigation advice, or estimated fix dates.

The U.S. Department of the Treasury's Office has announced sanctions against the cryptocurrency exchange Garantex, which has been linked to illegal transactions for Hydra Market. The United States is sanctioning the world's largest darknet market for Russian speakers, Hydra, and the virtual currency exchange Garantex.

Attackers are spoofing voice message notifications from WhatsApp in a malicious phishing campaign that uses a legitimate domain to spread an info-stealing malware, researchers have found. Researchers at cloud email security firm Armorblox discovered the malicious campaign targeting Office 365 and Google Workspace accounts using emails sent from domain associated with the Center for Road Safety, an entity believed to reside within the Moscow, Russia region.

Developers do not view application security as a top priority, study finds. According to Secure Code Warrior's State of Developer-Driven Security 2022 survey, 86% of developers said they do not view application security as a top priority when writing code.

Bug hunters that discover and report high-impact security vulnerabilities in on-premises Exchange, SharePoint and Skype for Business may earn as much as $26,000 per eligible submission, Microsoft has announced. The highest awards will go to those who discover vulnerabilities that have the highest potential impact to customer security.

A privacy rights org this week lost an appeal [PDF] in a case about the sharing of Bulk Personal Datasets by MI5, MI6, and GCHQ with foreign intelligence agencies. The decision means a contested part of a 2018 ruling by the IPT will stand: that safeguards and rules around data collection between 2015 to 2017 by the state agencies meant that sharing that data was legal - "Compatible with article 8 of the European Convention of Human Rights."