Security News > 2022 > November

Researchers at secure coding company Checkmarx have warned of porn-themed malware that's been attracting and attacking sleazy internet users in droves. The scam in this case claims to offer software that can reverse the effects of TikTok's Invisible filter, which is a visual effect that works a bit like the green screen or background filter that everyone seems to use these days in Zoom calls.

Locheed Martin has bagged a government contract to train 17,000 remote US Army civilian employees on security readiness, and wants to also extend the offer to private entities. MR2 is also able to synchronize data between the military's segmented classified and non-classified communication networks and "Allows cyber operators to get a full view of capability and skill levels across the entire workforce, removing the need to consult multiple systems and networks," Lockheed Martin said.

Spanish National Police have dismantled a cybercrime organization that used fake investment sites to defraud over €12.3 million from 300 victims across Europe. The threat actors then laundered money stolen from victims by moving it from Spanish banks to foreign financial entities where the criminals hoped it was away from the authorities' scrutiny or tracing ability.

Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines. Tracked as CVE-2022-4020, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G. The PC maker described the vulnerability as an issue that "May allow changes to Secure Boot settings by creating NVRAM variables." Credited with discovering the flaw is ESET researcher Martin Smolár, who previously disclosed similar bugs in Lenovo computers.

Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines. Tracked as CVE-2022-4020, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G. The PC maker described the vulnerability as an issue that "May allow changes to Secure Boot settings by creating NVRAM variables." Credited with discovering the flaw is ESET researcher Martin Smolár, who previously disclosed similar bugs in Lenovo computers.

Ransomware as a Service is a business model that helps ransomware developers and operators sell or lease out ransomware capabilities to threat actors. Common behaviors of ransomware Based on the attack pattern, ransomware can encrypt critical data without interfering with other computer system functions.

"Initially, built-in protection will include turning tamper protection on for your tenant, with other default settings coming soon," Microsoft explains.In September, Redmond added that it would soon enable tamper protection by default on all Microsoft Defender for Endpoint onboarded systems, locking Microsoft Defender Antivirus to secure default values and preventing any security settings changes.

The new directive, called "NIS2", will replace the current directive on security of network and information systems. NIS2 will set the baseline for cybersecurity risk management measures and reporting obligations across all sectors that are covered by the directive, such as energy, transport, health and digital infrastructure.

Webinar This year's RSA Conference saw SANS security experts gather to identify and discuss five of the most dangerous cyber attack techniques identified in the first half of the year. Katie Nickels, SANS Certified Instructor and Director of Intelligence for Red Canary, shares her tips on now best to detect and respond to attacks that hide behind legitimate cloud services to bypass firewalls and proxies.

In painstaking work backed by computers, Pierrot found "Distinct families" of about 120 symbols used by Charles V. "Whole words are encrypted with a single symbol" and the emperor replaced vowels coming after consonants with marks, she said, an inspiration probably coming from Arabic. In another obstacle, he used meaningless symbols to mislead any adversary trying to decipher the message.