Security News

An increase in employee training and improved general awareness of cybersecurity has forced cybercriminals to change their tactics and take a more personal approach, known as spear phishing. To stay in front of new phishing attack techniques, it's also essential that employees are equipped with all the knowledge they need to spot a potential phishing attack that goes undetected, including how attack content differs from legitimate emails.

The National Institute of Standards and Technology has released updated guidance on securing the supply chain against cyberattacks. Since 2020, NIST has released two draft documents on how the enterprise can better defend itself from supply-chain attacks.

Cloudflare is reporting a large DDoS attack against an unnamed company "Operating a crypto launchpad.". While this isn't the largest application-layer attack we've seen, it is the largest we've seen over HTTPS. HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection.

Cloud-based code hosting platform GitHub described the recent attack campaign involving the abuse of OAuth access tokens issued to Heroku and Travis-CI as "Highly targeted" in nature. "This pattern of behavior suggests the attacker was only listing organizations in order to identify accounts to selectively target for listing and downloading private repositories," GitHub's Mike Hanley said in an updated post.

A Chinese state-sponsored espionage group known as Override Panda has resurfaced in recent weeks with a new phishing attack with the goal of stealing sensitive information. "The Chinese APT used a spear-phishing email to deliver a beacon of a Red Team framework known as 'Viper,'" Cluster25 said in a report published last week.

Russia's invasion on Ukraine has put a spotlight on threats to critical infrastructure, which thus far have been mostly physical, impacting water treatment, electricity, and nuclear plants. These threats to critical infrastructure may seem distant, but the involvement of the FBI shows they are not.

More recently, Russian hacktivist group "Killnet" has launched DDoS attacks on Romanian government sites. Conducting DDoS attacks is a criminal offense in most jurisdictions.

The Romanian national cyber security and incident response team, DNSC, has issued a statement about a series of distributed denial-of-service attacks targeting several public websites managed by the state entities. DNSC is now collaborating with other authorities in the country to map these attacks and mitigate their effect.

Users of Synology and QNAP network-attached storage devices are advised to be on the lookout for patches for several critical vulnerabilities affecting Netatalk, an open-source implemention of the Apple Filing Protocol that allows Unix-like operating systems to serve file servers for Macs.Network-attached storage devices are usually used by small-to-medium businesses and home users for storing and sharing files and backups.

Ukraine's computer emergency response team has published an announcement warning of ongoing DDoS attacks targeting pro-Ukraine sites and the government web portal. The threat actors, who at this time remain unknown, are compromising WordPress sites and injecting malicious JavaScript code to perform the attacks.