Daily Cyber Brief

4/1/22

Cybersecurity

Mystery remains on why US released prominent Russian hacker

The Justice Department has declined to provide a clear explanation as to why a well-known Russian hacker was released home last year amid warnings from President Joe Biden that the Kremlin may soon carry out cyberattacks against the United States. Aleksei Burkov is…

Anonymous’ next cyber target: Western companies still doing business in Russia

The “hacktivist” collective known as Anonymous said it has a new target in its “cyber war” against Russia — Western businesses that are still doing business there. A post on March 21 from a Twitter account named @YourAnonTV stated: “We call on all companies that…

New Python-based Ransomware Targeting JupyterLab Web Notebooks

Researchers have disclosed what they say is the first-ever Python-based ransomware strain specifically designed to target exposed Jupyter notebooks, a web-based interactive computing platform that allows editing and running programs via a browser. "The attackers gained…

Hackers Increasingly Using 'Browser-in-the-Browser' Technique in Ukraine Related Attacks

A Belarusian threat actor known as Ghostwriter (aka UNC1151) has been spotted leveraging the recently disclosed browser-in-the-browser (BitB) technique as part of their credential phishing campaigns exploiting the ongoing Russo-Ukrainian conflict. The method, which…

QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug

QNAP is warning clients that a recently disclosed vulnerability affects most of its NAS devices, with no mitigation available while the vendor readies a patch. Customers of Taiwan-based QNAP Systems are in a bit of limbo, waiting until the company releases a patch for…

Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks

A security vendor's recent analysis of Rockwell Automation's programmable logic controller (PLC) platform has uncovered two serious vulnerabilities that give attackers a way to modify automation processes and potentially disrupt industrial operations, cause physical damage…

Global BEC Crackdown Nets 65 Suspects

The FBI teamed up with international law enforcement agencies from around the globe to apprehend 65 alleged business email compromise (BEC) scammers behind crimes that cost some 500 US victims more than $51 million in losses. The suspects arrested were from the…

Apple emergency update fixes zero-days used to hack iPhones, Macs

Apple has released security updates on Thursday to address two zero-day vulnerabilities exploited by attackers to hack iPhones, iPads, and Macs. Zero-day security bugs are flaws the software vendor is unaware of and hasn't patched. In some cases, they also have publicly…

Chinese hacking group uses new 'Fire Chili' Windows rootkit

The Chinese hacking group Deep Panda is targeting VMware Horizon servers with the Log4Shell exploit to deploy a novel rootkit named 'Fire Chili.' The rootkit is digitally signed using a certificate from Frostburn Studios (game developer) or one from Comodo…

Viasat confirms satellite modems were wiped with AcidRain malware

A newly discovered data wiper malware that wipes routers and modems has been deployed in the cyberattack that targeted the KA-SAT satellite broadband service to wipe SATCOM modems on February 24, affecting thousands in Ukraine and tens of thousands more across…

Daily Cyber Brief

4/1/22

Cybersecurity

Join the conversation

Overt Operator