Security News > 2022 > June

Google: How we tackled this iPhone, Android spyware
2022-06-24 10:46

We understand this particular campaign of espionage involving RCS's spyware was documented last week by Lookout, which dubbed the toolkit "Hermit." We're told it is potentially capable of spying on the victims' chat apps, camera and microphone, contacts book and calendars, browser, and clipboard, and beaming that info back to base. This app in fact infected the device with RCS's spyware.

June Windows preview updates fix VPN, RDP, RRAS, and Wi-Fi issues
2022-06-24 10:11

Redmond published three cumulative updates as part of its scheduled June 2022 monthly "C" updates to allow customers to test upcoming fixes: KB5014668, KB5014665, and KB5014669. As the company revealed on Thursday in updates to known issue entries in the Windows health dashboard, the updates also address connectivity issues when using Wi-Fi hotspots after installing Windows updates released as part of the June 2022 Patch Tuesday.

Attackers still exploit Log4Shell on VMware Horizon servers, CISA warns
2022-06-24 09:41

If your organization is running VMware Horizon and Unified Access Gateway servers and you haven't implemented the patches or workarounds to fix/mitigate the Log4Shell vulnerability in December 2021, you should treat all those systems as compromised, the Cybersecurity and Infrastructure Security Agency advised on Thursday. According to CISA, cyber threat actors, including state-sponsored advanced persistent threat actors, have continued to exploit Log4Shell in unpatched, internet-facing VMware Horizon and Unified Access Gateway servers to obtain initial access to organizations.

What stolen info can be bought off the dark web, and for how much?
2022-06-24 08:00

Privacy Affairs researchers concluded criminals using the dark web can get a complete set of a person’s account details, enabling them to create fake IDs and forge private documents, such as...

Beijing-backed attackers use ransomware as a decoy while they conduct espionage
2022-06-24 07:04

A state-sponsored Chinese threat actor has used ransomware as a distraction to help it conduct electronic espionage, according to security software vendor Secureworks. Cybersecurity firm Secureworks asserts that ransomware is probably just a distraction from the true intent: cyber espionage.

NSO claims 'more than 5' EU states use Pegasus spyware
2022-06-24 06:22

NSO Group told European lawmakers this week that "under 50" customers use its notorious Pegasus spyware, though these customers include "more than five" European Union member states. Generally speaking, a target selected by an NSO customer has their phone or other device infected with hidden spyware via the exploitation of one or more security vulnerabilities.

iPaaS: The latest enterprise cybersecurity risk?
2022-06-24 04:30

iPaaS apps are vulnerable because they transport highly sensitive data from core systems, include many different third-party apps in the process, and often lack security tools to govern and secure them all. In this video for Help Net Security, Alon Jackson, CEO of Astrix Security, talks about how as the variety of third-party platforms increases, and as it becomes easier to link data and workflows to one another, it's high time for cybersecurity solutions to keep up.

How companies are prioritizing infosec and compliance
2022-06-24 04:00

It describes areas for which companies prioritize information security and compliance, which leaders control information security spending, how compliance has shifted the overall security strategy of the organization, and the solutions and tools on which organizations are focusing their technology spending. The findings cover three critical areas of an organization's security and compliance posture: information security and IT audit and compliance, data security and data privacy, and security and compliance spending.

Risky behavior reduced when executives put focus on identity security
2022-06-24 03:30

As identity-related breaches continue to be a massive threat, the 2022 Trends in Securing Digital Identities report from the Identity Defined Security Alliance examines the progress organizations are making in defending against these attacks and the internal factors that are both enabling and interfering. Organizations are responding by prioritizing identity in their security programs and making identity investments a part of strategic initiatives, such as cloud adoption, zero trust and digital transformation.

Despite known security issues, VPN usage continues to thrive
2022-06-24 03:00

VPN usage is still prevalent among 90% of security teams who have highlighted cost, time, and difficulty as reasons to not move forward with ZTNA adoption, according to a new survey conducted by Sapio Research. Despite known security issues, VPN usage continues to thrive, with 90% of respondents currently using a VPN in some capacity for secure remote access.