Security News > 2022 > October

As cyberattacks have grown increasingly destructive, nations are entertaining the idea of responding to them with conventional military forces. The seriousness of a cyberattack classified as an "Armed attack" against a NATO member cannot be overstated.

In this interview for Help Net Security, James Turgal, VP of Cyber Risk, Strategy and Board Relations at Optiv, talks about election cybersecurity and how to keep elections and electoral campaigns safe. After the results of the most recent presidential election was almost overshadowed by so-called "Election deniers" and those who continue to claim fraud in the votes cast, all eyes are on the midterm elections in November.

Crypto giveaway scams have evolved into an illicit market segment with multiple services that aim to facilitate fraudulent operations. The growth of fake crypto giveaways can be explained by a significantly enhanced arsenal and availability of tools for crypto scammers, even with low technical skills.

Netwrix announced additional findings for the healthcare sector from its global 2022 Cloud Security Report, revealing that 61% of respondents in the healthcare industry suffered a cyberattack on their cloud infrastructure within the last 12 months, compared to 53% for other verticals. "The healthcare sector is a lucrative target for attackers because the chances of success are higher. The first two years of the pandemic exhausted the industry. With patient health being the main priority for these organizations, IT security resources are often too stretched and are focused on maintaining only the most necessary functions," comments Dirk Schrader, VP of Security Research at Netwrix.

A report published by Deloitte in 2020 - Building cyber security into critical infrastructure: Protecting industrial control systems in Asia Pacific - concluded that critical infrastructure operators in Asia Pacific are being increasingly targeted by cyber espionage and sophisticated attacks which can severely disrupt essential services, including energy and water supplies. APAC cyber security professionals cannot afford to drop their guard for a second, but ICS/OT systems present some unique challenges when it comes to making sure they are safeguarded from unauthorized access, data theft and disruption.

A new and destructive 'Azov Ransomware' data wiper is being heavily distributed through pirated software, key generators, and adware bundles, trying to frame well-known security researchers by claiming they are behind the attack. As there is no way to contact the threat actors to pay a ransom, this malware should be treated as a destructive data wiper rather than ransomware.

Asia In Brief India's government has given itself the power to compel social networks to take down content. India's minister of state for electronics and information technology, Rajeev Chandrasekhar, said the GACs are needed because India's previous attempt at regulating social media - requiring the networks to appoint a grievance officer - has not delivered.

A free unofficial patch has been released for an actively exploited zero-day that allows files signed with malformed signatures to bypass Mark-of-the-Web security warnings in Windows 10 and Windows 11. What made these Magniber JavaScript files stand out was that even though they contained a Mark-of-a-Web, Windows did not display any security warnings when they were launched.

Incoming OpenSSL critical fix: Organizations, users, get ready!The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library. Apple fixes exploited iOS, iPadOS zero-dayFor the ninth time this year, Apple has released fixes for a zero-day vulnerability exploited by attackers to compromise iPhones.

A new open-source 'S3crets Scanner' scanner allows researchers and red-teamers to search for 'secrets' mistakenly stored in publicly exposed or company's Amazon AWS S3 storage buckets. In addition to application data, source code or configuration files in the S3 buckets can also contain 'secrets,' which are authentication keys, access tokens, and API keys.