Security News > 2022 > May

The European Union formally accused Russia of coordinating the cyberattack that hit satellite Internet modems in Ukraine on February 24, roughly one hour before Russia invaded Ukraine. One week after the attack, Viasat confirmed that the satellite modems hit in the cyberattack were wiped using the AcidRain data-destroying malware.

The European Union formally accused Russia of coordinating the cyberattack that hit satellite Internet modems in Ukraine on February 24, roughly one hour before Russia invaded Ukraine. The attack targeted the KA-SAT consumer-oriented satellite broadband service operated by satellite communications provider Viasat.

Credit card skimming is a technique that consists of using malicious code installed on compromised merchant websites to steal credit card information sent by the website's customers when they complete online payments. Once the attacker has access to the website's content, they need to add malicious code to steal the credit card information provided by the unsuspecting customers.

Many security executives say they're unprepared for the threats that lie ahead. As cyberattacks grow in both number and sophistication, organizations are increasingly under the gun to protect themselves from compromise. A report released Tuesday by research firm ThoughtLab looks at how businesses and government agencies can better defend themselves against the security threats that lie ahead.

Threat actors have started exploiting a critical bug in the application service provider F5's BIG-IP modules after a working exploit of the vulnerability was made publicly available. A Shodan query shared by security researcher Jacob Baines revealed thousands of BIG-IP systems exposed on the internet, which an attacker could exploit remotely.

Costa Rican President Rodrigo Chaves declared a state of national cybersecurity emergency over the weekend following a financially motivated Conti ransomware attack against his administration that has hamstrung the government and economy of the Latin American nation. The attack, attributed to the prolific Conti ransomware group, occurred three weeks ago, not long after Chaves took office; in fact, the state of emergency was one of his first decrees as president.

The U.S. Department of Transportation's Pipeline and Hazardous Materials Safety Administration has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety regulations, worsening the impact of the ransomware attack last year. The $986,400 penalty is the result of an inspection conducted by the regulator of the pipeline operator's control room management procedures from January through November 2020.

Over the past decade, threat detection has become business-critical and even more complicated. Threat detection programs that are fine-tuned for specific environments and systems are the most impactful.

"After execution, the stealer extracts username, passwords, credit card details, etc.," Cyble researchers said in an analysis last week. "The stealer also steals data from various locations across the system and compresses it in a password-protected ZIP file."

A new set of trojanized apps spread via the Google Play Store has been observed distributing the notorious Joker malware on compromised Android devices. Despite continued attempts on the part of Google to scale up its defenses, the apps have been continually iterated to search for gaps and slip into the app store undetected.