Security News > 2022 > April

The servers of Hydra Market, the most prominent Russian darknet platform for selling drugs and money laundering, have been seized by the German police. The confiscated money indicates the size of the Hydra market, which counted around 19,000 registered seller accounts that served at least 17 million customers around the world.

It's been almost a week since the Spring4Shell vulnerability came to light and since the Spring development team fixed it in new versions of the Spring Framework. We might not have all the facts: The US Cybersecurity and Infrastructure Agency added Spring4Shell to its Known Exploited Vulnerabilities Catalog on Monday.

Brian Krebs has a detailed post about hackers using fake police data requests to trick companies into handing over data. Virtually all major technology companies serving large numbers of users online have departments that routinely review and process such requests, which are typically granted as long as the proper documents are provided and the request appears to come from an email address connected to an actual police department domain name.

Spring4Shell has dominated the information security news these last six days, but Log4Shell continues to demand attention and action from enterprise defenders as diverse vulnerable applications are being targeted in attacks in the wild. Some attackers are popping them and deploying backdoors, reverse shells and remote monitoring tools, possibly preparing them for future attacks involving ransomware or corporate espionage.

A Javelin study reveals that traditional identity fraud losses totaled $52 billion and affected 42 million U.S. adults. Among the trends observed were huge increases in account takeover fraud and new account fraud, in which fraud operators deployed multiple tactics to steal victims' personal information and drain them of billions of dollars.

The need to patch has been mandated at the highest level - including by the Cybersecurity and Infrastructure Security Agency, which recently published a list of vulnerabilities that must be patched by covered organizations. CISA's recent Shields Up notification also points strongly to patching as a critical step that significantly supports cybersecurity.

A Software Advice survey revealed how cyberattacks can negatively impact healthcare providers by threatening core functions and patient privacy. According to findings, 22% of small practices and 45% of large practices have experienced a ransomware attack at some point, with numbers rising in the past three years.

The notorious cybercrime group known as FIN7 has diversified its initial access vectors to incorporate software supply chain compromise and the use of stolen credentials, new research has revealed. "Data theft extortion or ransomware deployment following FIN7-attributed activity at multiple organizations, as well as technical overlaps, suggests that FIN7 actors have been associated with various ransomware operations over time," incident response firm Mandiant said in a Monday analysis.

It is vital that every CISO can offer a clear picture of how their security is really holding up against the latest tactics, techniques, and procedures. A red team exercise may not even need to exploit any technology-related vulnerability; rather, testers can rely on social engineering, phishing, or identifying shadow IT as an entry point.

In this Help Net Security video, Ax Sharma, Senior Security Researcher at Sonatype, talks about the risks posed by malicious open source packages. Malicious packages can harm systems in many different ways.