Security News
Proposed Europe regulations that purport to curb child abuse by imposing mass surveillance would be a "Disaster" for digital privacy and strong encryption, say cybersecurity experts. A number of options have been put forward for lawmakers to mull that aim to encourage or ensure online service providers and messaging apps tackle the "Detection, removal, and reporting of previously-known and new child sexual abuse material and grooming."
The US and the European Union have officially blamed Russia for a series of destructive data-wiping malware infections in Ukrainian government and private-sector networks - and said they will "Take steps" to defend against and respond to Kremlin-orchestrated attacks. Beginning in January, and continuing after Russian troops illegally invaded Ukraine the following month, as Ukrainian websites were vandalized or pummeled offline in distributed denial-of-service attacks, Russian cyberspies planted malicious data-destroying code in Ukraine's computers.
Cisco Talos Intelligence Group reported a new attack campaign from the infamous cyberespionage threat actor Mustang Panda, also known as Bronze President, RedDelta, HoneyMyte, TA416 or Red Lich with a particular focus on Europe. The downloader now downloads the decoy document from one URL and uses another URL to download the benign executable file, the DLL file and the final PlugX payload. More malware infections.
A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022. Threat intelligence and incident response firm Mandiant attributed the attacks to a hacking group tracked as APT29, with some set of the activities associated with the crew assigned the moniker Nobelium.
Tens of thousands of Viasat satellite broadband modems that were disabled in a cyber-attack some weeks ago were wiped by malware with possible links to Russia's destructive VPNFilter, according to SentinelOne. In a statement, Viasat said the researchers' hypothesis was "Consistent with the facts in our report ... SentinelLabs identifies the destructive executable that was run on the modems using a legitimate management command as Viasat previously described."
The European Union Aviation Safety Agency, EU's air transport safety and environmental protection regulator, warned today of intermittent outages affecting Global Navigation Satellite Systems linked to the Russian invasion of Ukraine. These GNSS outages can lead to navigation and surveillance degradation due to jamming and/or possible spoofing issues that have intensified around Ukraine.
Google says Russian, Belarusian, and Chinese threat actors targeted Ukrainian and European government and military organizations, as well as individuals, in sweeping phishing campaigns and DDoS attacks. The Computer Emergency Response Team of Ukraine and Facebook previously warned of other phishing campaigns against Ukrainian officials and military personnel, also attributed Ghostwriter hackers.
The Roaming Mantis Android malware campaign has buzzed into Europe, quickly infesting France in particular, where there have been 66,789 downloads of the group's specific remote access trojan as of January. The campaign pushes the Android RAT known as Wroba onto victim devices.
The Roaming Mantis SMS phishing campaign has finally reached Europe, as researchers detect campaigns targeting Android and iPhone users in Germany and France with malicious apps and phishing pages. Roaming Mantis is a credential theft and malware distribution campaign that uses SMS phishing to distribute malicious Android apps as standalone APK files outside the Google Play Store.
The widely distributed FluBot malware continues to evolve, with new campaigns distributing the malware as Flash Player and the developers adding new features. Once in the device, FluBot can steal online banking credentials, send or intercept SMS messages, and capture screenshots.