Security News > 2022 > May

Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. The method enabled the threat actor behind the attack to plant fileless malware in the file system in an attack filled with techniques and modules designed to keep the activity as stealthy as possible.

China's internet regulator, the Cyberspace Administration of China, has published guidelines that aim to stop minors from giving tips or other forms of payment to livestreamers, watching after 10pm, or livestreaming themselves. "Website platforms must not develop functional applications that attract minors to tip or induce minors to give 'gifts.' If it is found that the website platform violates the aforementioned requirements, measures such as suspending the tipping function and shutting down the live broadcast business will be implemented," said the recently published Opinions on Regulating Online Live Rewards and Strengthening the Protection of Minors.

The Costa Rican President Rodrigo Chaves has declared a national emergency following cyber attacks from Conti ransomware group on multiple government bodies.On Sunday, May 8th, the newly elected Costa Rican President Chaves declared a national emergency citing ongoing Conti ransomware attacks as the reason.

Researchers have developed PoC exploits for CVE-2022-1388, a critical remote code execution bug affecting F5 BIG-IP multi-purpose networking devices/modules. We have reproduced the fresh CVE-2022-1388 in F5's BIG-IP. Successful exploitation could lead to RCE from an unauthenticated user.

In the list of recommendations, the first two are about limiting user privileges and applying security patches - particularly those included in CISA's list of known exploited vulnerabilities. You'll need a security partner to provide you with those patches.

Cybersecurity researchers have shed light on an actively maintained remote access trojan called DCRat that's offered on sale for "Dirt cheap" prices, making it accessible to professional cybercriminal groups and novice actors alike. "Unlike the well-funded, massive Russian threat groups crafting custom malware , this remote access Trojan appears to be the work of a lone actor, offering a surprisingly effective homemade tool for opening backdoors on a budget," BlackBerry researchers said in a report shared with The Hacker News.

In 2020, cybersecurity companies raised $8.9 billion globally, and in 2021 the amount jumped to over $21 billion. While the data is very exciting and promising for the cybersecurity industry as a whole, there's one big question that has not been answered: How much of the funding went to companies led by women?

Network traffic continues to increase, and global internet bandwidth grew by 29% in 2021, reaching 786 Tbps. In addition to record traffic volumes, 95% of traffic is now encrypted according to Google. To help address these problems, many network security and operations teams are relying more heavily on machine learning technologies to identify faults, anomalies, and threats in network traffic.

In this interview for Help Net Security, Dimitri van Zantvliet Rozemeijer, CISO at Nederlandse Spoorwegen, talks about railway cybersecurity and the progresses this industry has made to guarantee safety. How is railway cybersecurity fairing in this complex environment?

Bridgecrew by Prisma Cloud is the codified cloud security platform built to bridge the gap between DevOps and security teams. Powered by automation, Bridgecrew empowers teams to find, fix, and prevent vulnerabilities, misconfigurations, and license compliance issues in source code, containerized applications, and infrastructure as code.