Security News > 2022 > April

Cybercriminals are leveraging advanced tactics in their phishing-kits granting them a high delivery success rate of spoofed e-mails which contain malicious attachments right before the end of the 2021 IRS income tax return deadline in the U.S. April 18th, 2022 - there was a notable campaign detected which leveraged phishing e-mails impersonating the IRS, and in particular one of the industry vendors who provide solutions to government agencies which including e-mailing, digital communications management, and the content delivery system which informs citizens about various updates. The IT services vendor actors impersonated is widely used by major federal agencies, including the DHS, and other such WEB-sites of States and Cities in the U.S. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Info-Tech Research Group has published its annual report on the priorities for security leaders. The report looks into important security trends and the priorities that stem from them to help security leaders better secure their workforce in the remote work environment.

The report reveals that while analysts expect a sharp rise in cloud-native development globally, 53% of respondents still don't know much about it. "Our research reveals that most businesses don't know enough about cloud-native's challenges and don't have the staff to successfully implement it. The answer lies in high-performance low-code tools that can help speed and simplify the path forward and dramatically improve the way they build and manage apps for the future."

Elon Musk, CEO of SpaceX and Tesla and Twitter's new owner, on Thursday called on adding support for end-to-end encryption to the platform's direct messages feature. "Twitter DMs should have end to end encryption like Signal, so no one can spy on or hack your messages," Musk said in a tweet.

Security flaws in Log4j, Microsoft Exchange, and Atlassian's workspace collaboration software were among the bugs most frequently exploited by "Malicious cyber actors" in 2021 , according to a joint advisory by the Five Eyes nations' cybersecurity and law enforcement agencies. In 2021 bad actors "Aggressively targeted newly disclosed critical software vulnerabilities," according to the US, Australian, Canadian, New Zealand and UK cybersecurity authorities.

A new campaign leveraging an exploit kit has been observed abusing an Internet Explorer flaw patched by Microsoft last year to deliver the RedLine Stealer trojan. "When executed, RedLine Stealer performs recon against the target system and then exfiltrates data to a remote command and control server," Bitdefender said in a new report shared with The Hacker News.

A new Onyx ransomware operation is destroying files larger than 2MB instead of encrypting them, preventing those files from being decrypted even if a ransom is paid. Last week, security researcher MalwareHunterTeam discovered that a new ransomware operation had launched called Onyx.

A new Onyx ransomware operation is destroying large files instead of encrypting them, preventing those files from being decrypted even if a ransom is paid. Last week, security researcher MalwareHunterTeam discovered that a new ransomware operation had launched called Onyx.

For IT security leaders, it's essential to know the answers to such questions as, what is the current threat landscape as it relates to remote workers? What does the future hold? And what changes in. Security strategy are most important as remote work continues?

Ransomware is a simple name for a complex collection of security threats. Criminal gangs that evolve, cooperate, learn from each other, and adapt their tactics to fit each victim, no two attacks are the same.