Security News > 2022 > June

Publishing giant Macmillan was forced to shut down their network and offices while recovering from a security incident that appears to be a ransomware attack. The attack reportedly occurred over the weekend, on Saturday, June 25th, with the company shutting down all of their IT systems to prevent the spread of the attack.

The ability to not only hop on a LAN from a SOHO device and then stage further attacks suggests that the RAT may be the work of a state-sponsored actor, they noted in a blog post published Wednesday. The level of evasion that threat actors use to cover up communication with command-and-control in the attacks "Cannot be overstated" and also points to ZuoRAT being the work of professionals, they said.

Attackers used a newly discovered malware to backdoor Microsoft Exchange servers belonging to government and military organizations from Europe, the Middle East, Asia, and Africa. In late April 2022, while still investigating the attacks, Kaspersky found that most of the malware samples identified earlier were still deployed on 34 servers of 24 organizations.

Google has added API security tools and Workspace admin alerts about potentially risky configuration changes such as super admin passwords resets. Google's answer to these problems includes two API security features available in preview: one that identifies API misconfigurations and another that detects bots.

Have you ever found phishing emails confusing? You aren't alone. Kaspersky found as part of its Security Awareness Platform and phishing simulator data the emails that users find the most difficult to understand when it comes to attempted phishing attacks.

LockBit ransomware gang promises bounty payment for personal data. In a new twist on the ransomware game, the LockBit cybercrime group has launched a bug bounty program promising money to people willing to share sensitive data that can be exploited in ransomware attacks.

Ukrainian government and private sector organizations have been the target of 796 cyberattacks since the start of the war on February 24, 2022, when Russia invaded Ukraine. According to Ukraine's cybersecurity defense and security agency SSSCIP, the country's networks have been under a constant barrage of hacking attempts since the war started.

Norway's National Security Authority published a statement yesterday warning that some of the country's most important websites and online services are being rendered inaccessible due to distributed denial of service attacks. DDoS attacks are a special type of cyberattack that causes internet servers to be overwhelmed by many requests and garbage traffic, rendering the hosted sites and services inaccessible for legitimate visitors and users.

Black Lotus Labs, a threat intelligence team within Lumen Technologies, has recently exposed a new modus operandi for an attack campaign that went undiscovered for nearly two years. One of its most intriguing characteristics is that it targets small office / home office routers as an initial point of compromise, in addition to being particularly stealth.

Get 15 hours of basic cybersecurity education online for just $29 We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. Whether you're interested in protecting your own digital life or you might want to pursue a new career in cybersecurity, check out the Dynamic 2022 Data & IT Security Training Bundle.