Security News > 2022 > August

An extensive series of attacks detected in January used new Windows malware to backdoor government entities and organizations in the defense industry from several countries in Eastern Europe. Kaspersky linked the campaign with a Chinese APT group tracked as TA428, known for its information theft and espionage focus and attacking organizations in Asia and Eastern Europe [1, 2, 3, 4]. The threat actors successfully compromised the networks of dozens of targets, sometimes even taking control of their entire IT infrastructure by hijacking systems used to manage security solutions.

Facebook parent company Meta disclosed that it took action against two espionage operations in South Asia that leveraged its social media platforms to distribute malware to potential targets. The first set of activities is what the company described as "Persistent and well-resourced" and undertaken by a hacking group tracked under the moniker Bitter APT targeting individuals in New Zealand, India, Pakistan and the U.K. "Bitter used various malicious tactics to target people online with social engineering and infect their devices with malware," Meta said in its Quarterly Adversarial Threat Report.

The metaverse faces more than 8 potential cyberthreats. "Metaverse publishers will control all aspects of their meta spaces, collect vast amounts of user data, and monetize the collected data. Even if there are open-source metaverse worlds that users can host, the publisher who hosts them will still be able to collect and monetize user data." Given the unprecedented visibility into user actions, Trend Micro anticipates privacy issues such as data sovereignty will become a major concern in the metaverse.

Did Slack send you a password reset link last week? The company has admitted to accidentally exposing the hashed passwords of workspace users. Slack said only 0.5 percent of users were affected, which doesn't sound too terrible until you consider how many Slack users are out there.

Current quantum computers are still toy prototypes, and the engineering advances required to build a functionally useful quantum computer are somewhere between a few years away and impossible. The idea is to standardize on both a public-key encryption and digital signature algorithm that is resistant to quantum computing, well before anyone builds a useful quantum computer.

Deepfake attacks and cyber extortion are creating mounting risks. "In February VMware reported seeing a new type of malware deployed in one of the largest targeted attacks in history focused solely on the destruction of critical information and resources." "This is part of a growing list of destructive malware deployed against Ukraine, as noted in a joint advisory the Cybersecurity and Infrastructure Security Agency and the FBI released this spring," the report stated.

Modern organizations are challenged by conflicting demands to secure the enterprise while delivering excellent end-user experience, according to Broadcom Software. This Help Net Security video highlights how increasing reliance on cloud applications is changing the way businesses operate.

Called Dark Utilities, the service provides a full range of C2 capabilities to give attackers an easier, inexpensive platform for launching remote access, command execution, cryptocurrency mining, and distributed denial-of-service attacks. Dark Utilities is the latest example of malware-as-a-service and ransomware-as-a-service that diversify cyber criminals' revenue by letting them profit from less-skilled programmers on top of their own exploits.

Twitter on Friday revealed that a now-patched zero-day bug was used to link phone numbers and emails to user accounts on the social media platform. "As a result of the vulnerability, if someone submitted an email address or phone number to Twitter's systems, Twitter's systems would tell the person what Twitter account the submitted email addresses or phone number was associated with, if any," the company said in an advisory.

In this Help Net Security video, Charl van der Walt, Head of Security Research, Orange Cyberdefense, discusses whether criminalizing ransomware payments could quell the current crime wave by...