Ukraine: Recent Cyber Attacks Part of Wider Plot to Sabotage Critical Infrastructure
2022-01-18 23:49

The coordinated cyberattacks targeting Ukrainian government websites and the deployment of a data-wiper malware called WhisperGate on select government systems are part of a broader wave of malicious activities aimed at sabotaging critical infrastructure in the country. "The attack used vulnerabilities in the site's content management systems and Log4j, as well as compromised accounts of employees of the development company," the SSU said, corroborating prior disclosure from the Ukraine CERT team.

Windows Server 2019 OOB update fixes reboots, Hyper-V, ReFS bugs
2022-01-18 23:14

Microsoft has released an emergency out-of-band update for Windows Server 2019 that fixes numerous critical bugs introduced during the January 2022 Patch Tuesday. Soon after Windows Server admins installed the January 2022 updates, they began reporting severe issues, including domain controllers entering into boot loops, Hyper-V no longer starting, L2TP VPN connections failing, and ReFS volumes becoming inaccessible.

Will 2022 Be the Year of the Software Bill of Materials?
2022-01-18 22:33

"We're awash in supply chain attacks, whether they're caused by active and purposeful hacking into software providers to poison code on purpose, or by an inattentive and casual attitude to sucking software components into our own products and services without even being aware," Ducklin said. "For years, we've batted around the idea that computer software and cloud services ought to have a credible Bill of Materials that would make it easy to figure out which newsworthy bugs might apply to each and every product we use," he continued.

Telegram is a hotspot for the sale of stolen financial accounts
2022-01-18 21:39

Telegram is increasingly abused by cybercriminals to set up underground channels to sell stolen financial details to pseudonymous users. Finally, because Telegram channels are more volatile and short-lived than dark web markets, they could be safer to use for criminals as they are harder to track and correlate online personas with real identities.

Crypto.com acknowledges 'unauthorized activity' on servers, maintains no funds have been lost
2022-01-18 21:12

Crypto.com, a Singapore-based cryptocurrency exchange, has denied reports that the firm lost nearly $15m in Ethereum in a possible network intrusion over the weekend. According to blockchain biz PeckShield, Crypto.com lost about $14.3m or 4,600 ETH, based on its analysis of public blockchain addresses.

Microsoft leak: Third-party widgets coming soon to Windows 11
2022-01-18 20:50

A Microsoft developer document has leaked the company's plans for third-party widgets coming soon to the Windows 11 Widgets feature. With Windows 11, Microsoft converted the feature into a new app called 'Widgets,' which also pops up from the Windows taskbar.

The Log4j Vulnerability Puts Pressure on the Security World
2022-01-18 20:21

It's not my intention to be alarmist about the Log4j vulnerability, known as Log4Shell, but this one is pretty bad. First of all, Log4j is a ubiquitous logging library that is very widely used by millions of computers. Second, the director of the U.S. Cybersecurity & Infrastructure Security Agency says this is the most serious vulnerability.

Fashion giant Moncler confirms data breach after ransomware attack
2022-01-18 19:51

Italian luxury fashion giant Moncler confirmed that they suffered a data breach after files were stolen by the AlphV/BlackCat ransomware operation in December and published today on the dark web. Today, in a statement shared with Bleeping Computer, Moncler confirmed that some data related to its employees, former employees, suppliers, consultants, business partners, and customers was leaked today by the AlphV ransomware operation.

Cybercriminals Actively Target VMware vSphere with Cryptominers
2022-01-18 19:33

Organizations running sophisticated virtual networks with VMware's vSphere service are actively being targeted by cryptojackers, who have figured out how to inject the XMRig commercial cryptominer into the environment, undetected. Uptycs' Siddharth Sharma has released research showing threat actors are using malicious shell scripts to make modifications and run the cryptominer on vSphere virtual networks.

Serious Security: Apple Safari leaks private data via database API – what you need to know
2022-01-18 19:23

Researchers at browser identification company FingerprintJS recently found and disclosed a fascinating data leakage bug in Apple's web browser software. At first telling, the bug sounds both undramatic and unimportant: although it allows private data to leak between separate browser tabs that contain content from unrelated websites, the amount of data that leaks is minuscule.