Security News > 2022 > June

With this VPN and 90+ training courses, take cybersecurity to the next level We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. Cybersecurity is more important than ever, and it's critical that decision-makers invest wisely when it comes to security.

The Evil Corp cybercrime group has now switched to deploying LockBit ransomware on targets' networks to evade sanctions imposed by the U.S. Treasury Department's Office of Foreign Assets Control. Active since 2007, Evil Corp is known for pushing the Dridex malware and later switching to the ransomware "Business."

Virtual Private Network provider ExpressVPN on Thursday announced that it's removing Indian-based VPN servers in response to a new cybersecurity directive issued by the Indian Computer Emergency Response Team. "Rest assured, our users will still be able to connect to VPN servers that will give them Indian IP addresses and allow them to access the internet as if they were located in India," the company said.

An analysis of leaked chats from the notorious Conti ransomware group earlier this year has revealed that the syndicate has been working on a set of firmware attack techniques that could offer a path to accessing privileged code on compromised devices. "Control over firmware gives attackers virtually unmatched powers both to directly cause damage and to enable other long-term strategic goals," firmware and hardware security firm Eclypsium said in a report shared with The Hacker News.

The threat actor known as SideWinder has added a new custom tool to its arsenal of malware that's being used in phishing attacks against Pakistani public and private sector entities. The custom tool identified by Group-IB, dubbed SideWinder.

The U.S. Department of Justice on Wednesday announced the seizure of three domains used by cybercriminals to trade stolen personal information and facilitate distributed denial-of-service attacks for hire. The former of which allowed its users to traffic hacked personal data and offered a searchable database containing illegally amassed information obtained from over 10,000 data breaches.

PfSense also offers its own routers under the name Netgate for those who want an experience closer to a bundled hardware and software option, such as with Netgear, but with the added options and flexibility pfSense offers. Due to the variety of hardware configurations with both pfSense and Netgear, this comparison will mostly focus on software settings and the key features between the two.

Majority of CIOs say their software supply chains are vulnerable, execs demand action. A new survey of 1,000 CIOs conducted by Venafi shows that over 80% said their organizations are vulnerable to cyberattacks targeting software supply chains.

The Follina bug, now more properly known as CVE-2022-30190, hinges on a weird, non-standard URL supported by the Windows operating system. Windows includes a lengthy list of proprietary URL schemes, also known as protocol handlers, that can be used to trigger a range of non-standard activities simply by referencing the special URL. The Follina bug, for example, took devious advantage of the URL scheme ms-msdt:, which relates to system diagnostics.

A ransomware gang is taking extortion to a new level by publicly hacking corporate websites to publicly display ransom notes. This new extortion strategy is being conducted by Industrial Spy, a data extortion gang that recently began using ransomware as part of their attacks.