Security News > 2022 > June

Deep Instinct released the third edition of its annual Voice of SecOps Report, focused on the increasing and unsustainable stress levels among 1,000 C-suite and senior cybersecurity professionals across all industries and roles. The research found that 45% of respondents have considered quitting the industry due to stress, with the primary issues being an unrelenting threat from ransomware and the expectations to always be on call or available.

The threat cluster dubbed UNC2165, which shares numerous overlaps with a Russia-based cybercrime group known as Evil Corp, has been linked to multiple LockBit ransomware intrusions in an attempt to get around sanctions imposed by the U.S. Treasury in December 2019. "These actors have shifted away from using exclusive ransomware variants to LockBit - a well-known ransomware as a service - in their operations, likely to hinder attribution efforts in order to evade sanctions," threat intelligence firm Mandiant noted in an analysis last week.

PyPI packages 'keep,' 'pyanxdns,' 'api-res-py' were found to be containing a backdoor due to the presence of malicious 'request' dependency within some versions. PyPI package 'keep' uses malicious 'request'.

A new Google Chrome browser extension called Vytal prevents webpages from using programming APIs to find your geographic location leaked, even when using a VPN. Many people use VPNs to hide their location or connect from another country while browsing the web. While a VPN will hide the IP address of your device and thus your physical location, it is possible to use JavaScript functions to query information directly from a web browser to find a visitor's general geographic location.

Cybersecurity researchers report increased activity of the Hello XD ransomware, whose operators are now deploying an upgraded sample featuring stronger encryption. The Hello XD ransomware operation is not currently using a Tor payment site to extort victims but instead instructs victims to enter negotiations directly through a TOX chat service.

Summer holiday season fuels upswing of travel-themed spamPhishers, scammers and malware peddlers are ready to take advantage of the summer holiday season: According to Bitdefender security analysts, the deluge of travel-themed spam has started in March and is expected to reach its peak in June. Attackers aren't slowing down, here's what researchers are seeingIn this Help Net Security interview, John Shier, Senior Security Advisor at Sophos, talks about the main findings of two Sophos reports: the 2022 Active Adversary Report and the State of Ransomware Report, which provide an exceptional overview of the modern threat landscape.

Researchers at the University of Hamburg in Germany have conducted a field experiment capturing hundreds of thousands of passersby's WiFi connection probe requests to determine the type of data transmitted without the device owners realizing it. WiFi probing is a standard process, part of the bilateral communication required between a smartphone and an access point to establish a connection.

Ransomware gangs are now targeting a recently patched and actively exploited remote code execution vulnerability affecting Atlassian Confluence Server and Data Center instances for initial access to corporate networks. Ransomware starts circling unpatched Confluence servers.

Few understand their attack surface, says Trend Micro. Survey results from Trend Micro indicate that, when it comes to organizations understanding their attack surfaces, most don't.

A newly designed privacy-sensitive architecture aims to enable developers to create smart home apps in a manner that addresses data sharing concerns and puts users in control over their personal information. Peekaboo operates on the principle of data minimization, which refers to the practice of limiting data collection to only what is required to fulfill a specific purpose.