Cyber-proofing data in the cloud
2022-10-03 13:24

Ransomware has a longer history than you might imagine. Nowadays, ransomware attacks are more global, relentless, and unforgiving, and have started to target cloud as well as on-prem infrastructure.

Researchers Link Cheerscrypt Linux-Based Ransomware to Chinese Hackers
2022-10-03 12:56

The recently discovered Linux-based ransomware strain known as Cheerscrypt has been attributed to a Chinese cyber espionage group known for operating short-lived ransomware schemes. "This reinforces claims that the 'Emperor Dragonfly' ransomware operators are based in China."

Cloudflare shows flair with new products for mobile and IoT security
2022-10-03 12:50

Cloudflare holds the view that while corporate organizations have made moves to deploy zero-trust security solutions at the software level of their desktops, mobile devices have not received similar attention.

Detecting Deepfake Audio by Modeling the Human Acoustic Tract
2022-10-03 11:25

Specifically, we apply fluid dynamics to estimate the arrangement of the human vocal tract during speech generation and show that deepfakes often model impossible or highly-unlikely anatomical arrangements. The first step in differentiating speech produced by humans from speech generated by deepfakes is understanding how to acoustically model the vocal tract.

Hackers Exploiting Dell Driver Vulnerability to Deploy Rootkit on Targeted Computers
2022-10-03 10:56

The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver, highlighting new tactics adopted by the state-sponsored adversary. The Bring Your Own Vulnerable Driver attack, which took place in the autumn of 2021, is another variant of the threat actor's espionage-oriented activity called Operation In(ter)ception that's directed against aerospace and defense industries.

Founder of cybersecurity firm Acronis is afraid of his own vacuum cleaner
2022-10-03 10:46

Acronis founder Serg Bell is afraid of his own vacuum cleaner, he told The Register in Singapore last week. "You should be afraid of your vacuum cleaner; it's most likely made in China," said Bell, adding that the vacuum cleaner is connected to the internet, likely has a camera, a microphone, and a map of your apartment.

MS Exchange zero-days: The calm before the storm?
2022-10-03 10:24

CVE-2022-41040 and CVE-2022-41082, the two exploited MS Exchange zero-days that still have no official fix, have been added to CISA's Known Exploited Vulnerabilities Catalog. Mitigating the risk of exploitation until patches are ready will require patience and doggedness, as Microsoft is still revising its advice to admins and network defenders, and still working on the patches.

Between ransomware and month-long engagements, IR teams need a hug — and a nap
2022-10-03 10:00

X-Force saw a nearly 25 percent jump in the number of incidents its IR team responded to from 2020 to 2021. It's a global issue, and as such IBM Security wanted to encourage "an industry-wide recognition and celebration of incident responders," Dine said.

Ex-NSA Employee Arrested for Trying to Sell U.S. Secrets to a Foreign Government
2022-10-03 09:51

A former U.S. National Security Agency employee has been arrested on charges of attempting to sell classified information to a foreign spy, who was actually an undercover agent working for the Federal Bureau of Investigation. Jareh Sebastian Dalke, 30, was employed at the NSA for less than a month from June 6, 2022, to July 1, 2022, serving as an Information Systems Security Designer as part of a temporary assignment in Washington D.C. According to an affidavit filed by the FBI, Dalke was also a member of the U.S. Army from about 2015 to 2018 and held a Secret security clearance, which he received in 2016.

Moody's turns up the heat on 'riskiest' sectors for cyberattacks
2022-10-03 06:33

About $22 trillion of global debt rated by Moody's Investors Service has "High" or "Very high" cyber-risk exposure, with electric, gas and water utilities, as well as hospitals, among the sectors facing the highest risk of cyberattacks. For its Cyber Heatmap, Moody's looks at two factors, exposure and mitigation, and weighs both across all of the sectors it rates.