Security News > 2022 > December

American cloud computing services provider Rackspace is investigating a 12-hour-long and still active outage leading to connectivity issues and affecting hosted Microsoft Exchange environments they manage for their customers. "We are investigating an issue that is affecting our Hosted Exchange environments. More details will be posted as they become available," Rackspace said on Friday night, at 02:49 AM EST, when it acknowledged the outage.

It's just under a month since iOS 16.1.1 came out for Apple iPhone users, fixing a pair of bugs that were listed with the worrying words "a remote user may be able to cause unexpected app termination or arbitrary code execution". Now, there's another security update, apparently moving iPhone users only up to version iOS 16.1.2.

The Cuba gang has hit more than 100 organizations worldwide, demanding over $145 million in payments and successfully extorting at least $60 million since August, according to a joint FBI and US Cybersecurity and Infrastructure Security Agency advisory. Private security researchers have identified possible links between Cuba ransomware criminals and their RomCom remote access trojan and Industrial Spy ransomware counterparts.

This becomes catastrophic as the effects of that attack become greater. The magnifying effects of technology enable short-term damage to cause long-term planet-wide systemic damage.

Back in August 2022, popular password manager company LastPass admitted to a data breach. LastPass insisted that the developer's account hadn't given the criminals access to any customer data, or indeed to anyone's encrypted password vaults.

The Department of Homeland Security Cyber Safety Review Board will review attacks linked to an extortion gang known as Lapsus$, which breached multiple high-profile companies in recent incidents. As announced on Friday, the goal behind CSRB's review of the gang's hacking activities is to provide advice on defending against Lapsus$ attacks.

A new residential proxy market is becoming popular among hackers, cybercriminals, phishers, scalpers, and scammers, selling access to a million claimed proxy IP addresses worldwide. The BlackProxies service claims to have access to a pool of 1,000,000 IP addresses from around the world, all coming from real residential users, ensuring unblocked status, low detection rates, and good speeds.

A previously undocumented data wiper named CryWiper is masquerading as ransomware, but in reality, destroys data beyond recovery in attacks against Russian mayor's offices and courts. "In the fall of 2022, our solutions detected attempts by a previously unknown Trojan, which we named CryWiper, to attack an organization's network in the Russian Federation," explains the new report by Kaspersky.

A previously undocumented data wiper named CryWiper is masquerading as ransomware, extorting victims to pay for a decrypter, but in reality, it just destroys data beyond recovery. CryWiper was first discovered by Kaspersky this fall, seen in attacks against organizations in the Russian Federation.

The Spanish National Police have arrested 55 members of the 'Black Panthers' cybercrime group, including one of the organization's leaders based in Barcelona. The gang was operating four specialized activity cells dedicated to social engineering, vishing, phishing, and carding, having a very organized structure.