Security News > 2022 > May

Microsoft has addressed a newly acknowledged known issue that caused flickering screen problems and made some Windows apps seem unstable in Safe Mode without Networking. "Devices experiencing this issue can log a System error on the Windows Event Log, with Source 'Winlogon' and the following description: 'The shell stopped unexpectedly and explorer.exe was restarted'," Microsoft explained.

The U.S. Department of Justice has announced the conviction of Sercan Oyuntur, 40, resident of California, for multiple counts relating to a phishing operation that caused $23.5 million in damages to the U.S. Department of Defense. After an eight-day trial in Camden, California, Oyuntur was found guilty of conspiracy to commit wire, mail, and bank fraud, unauthorized device access, aggravated identity theft, and making false statements to federal law enforcement officers.

The rise of remote work and learning opened new opportunities for many people - as we've seen by the number of people who have moved to new places or adapted to "Workcations." Cybercriminals are taking advantage of the same opportunities - just in a different way. Evaluating the prevalence of malware variants by region reveals a sustained interest by cyber adversaries in maximizing the remote work and learning attack vector.

"Kubernetes attacks are actually quite common, especially given how popular the container orchestration software is," said Trevor Morgan, product manager at comforte AG. "The array of threats to Kubernetes environments is quite broad." As an example of how popular targeting vulnerable cloud infrastructure has become, Akamai security researcher Larry Cashdollar recently set up a simple Docker container honeypot, just to see what kind of notice it might attract from the wider web's cadre of cyberattackers.

Google has released Android 13 Beta 1 and has sent out a call for bug hunters: Find bugs in it, and you'll get a 50% bonus reward payout. The aim is to get Android 13 as secure as possible before the final release.

A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022. Threat intelligence and incident response firm Mandiant attributed the attacks to a hacking group tracked as APT29, with some set of the activities associated with the crew assigned the moniker Nobelium.

Fortinet has released a report indicating that the cybersecurity skills shortage continues to challenge organizations, not least due to security breaches and associated expenses. Fully 8 in 10 of the surveyed organizations reported having suffered at least one breach they could attribute to a lack of cybersecurity skills or awareness.

They're leaving traditional vulnerability management paradigms behind and shifting to the next generation of VPT solutions. It's not news that even the most resource-rich enterprise can't possibly sort through, prioritize and patch every single vulnerability in their ecosystem.

A Chinese state-sponsored espionage group known as Override Panda has resurfaced in recent weeks with a new phishing attack with the goal of stealing sensitive information. "The Chinese APT used a spear-phishing email to deliver a beacon of a Red Team framework known as 'Viper,'" Cluster25 said in a report published last week.

Russia's invasion of Ukraine has put a spotlight on threats to critical infrastructure, which thus far have been mostly physical, impacting water treatment, electricity, and nuclear plants. These threats to critical infrastructure may seem distant, but the involvement of the FBI shows they are not.