Daily Cyber Brief

4/12/22

Cybersecurity

Anonymous vows to continue cyber war against Putin’s Russia until aggression in Ukraine stops

Hacker collective Anonymous continues to monitor Putin’s invasion of Ukraine and reports that it will continue its cyber war until Russia’s aggression stops. In a recent tweet, Anonymous said it will continue hacking and releasing confidential information…

US extradites man accused of unwittingly distributing FBI’s honeypot phones

The US extradited last month a man from the Netherlands who is accused of working for Anom — the encrypted communications platform used by global organized criminals that was the subject of a lengthy undercover FBI investigation dubbed “Operation Trojan Shield.”…

Rise in npm protestware: another open source dev calls Russia out

Developers are increasingly voicing their opinions through their open source projects in active use by thousands of software applications and organizations. To do this, a maintainer adds broken code, protest messages, or undesired damaging functionality in the latest versions of…

BlackCat ransomware group claims attack on Florida International University

The BlackCat (ALPHV) ransomware group says it has struck again, with Florida International University as their latest victim. The ransomware group, which most recently attacked North Carolina A&T University, claimed it has stolen a range of personal…

Briefs Nation-state F5 investigating reports of NGINX zero day

Application security giant F5 said it is investigating an alleged zero day vulnerability affecting the NGINX Web Server. “We are aware of reports of an issue with NGINX Web Server. We have prioritized investigating the matter and will provide more information as quickly as we…

XSS vulnerability patched in Directus data engine platform

A cross-site scripting (XSS) vulnerability has been patched in the popular Directus engine. programming-code-small.jpg Directus is an open source, modular content management system (CMS) promoted as a "flexible powerhouse for engineers." The platform can be used to wrap…

Researchers warn of FFDroider and Lightning info-stealers targeting users in the wild

Cybersecurity researchers are warning of two different information-stealing malware, named FFDroider and Lightning Stealer, that are capable of siphoning data and launching further attacks. "Designed to send stolen credentials and cookies to a Command & Control server…

Qbot malware switches to new Windows Installer infection vector

The Qbot botnet is now pushing malware payloads via phishing emails with password-protected ZIP archive attachments containing malicious MSI Windows Installer packages. This is the first time the Qbot operators are using this tactic, switching from their standard…

Luxury fashion house Zegna confirms August ransomware attack

The Italian luxury fashion house Ermenegildo Zegna has confirmed an August 2021 ransomware attack that resulted in an extensive IT systems outage. The disclosure came in today's filing of an SEC Form 424B3 that updates their investment prospectus to alert…

SuperCare Data Breach Involves More Than 300,000 Individuals

California-based respiratory care provider SuperCare Health revealed it had been hit by a data breach that affected more than 300,000 individuals. A recent data security notice posted on its website revealed that it discovered the incident on July 27 2021, when unauthorized…

Daily Cyber Brief

4/12/22

Cybersecurity

Join the conversation

Overt Operator