<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 4/15/2022

SHARE

Top News

North Korea's Lazarus cyber-gang caught 'spying' on chemical sector companies

North Korea's Lazarus cybercrime gang is now breaking into chemical sector companies' networks to spy on them, according to Symantec's threat intel team. While the Korean crew's recent, and highly profitable, thefts of cryptocurrency have been in the headlines, the group still keeps its spying hand in. Fresh evidence has been found linking a recent espionage campaign against South Korean targets to file hashes, file names, and tools previously used by Lazarus, according to Symantec. READ MORE...

Hacking

FBI links largest crypto hack ever to North Korean hackers

The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the address that received the cryptocurrency stolen in the largest cryptocurrency hack ever, the hack of Axie Infinity's Ronin network bridge. The Federal Bureau of Investigation (FBI) said two North Korean hacking groups, Lazarus and BlueNorOff (aka APT38), were behind last month's Ronin hack. READ MORE...

Software Updates

Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP!

Three days have passed since Microsoft's latest Patch Tuesday, and CVE-2022-26809 has emerged as the vulnerability with the most exploitation potential. It's easy to see why: it may be exploited by unauthenticated, remote attackers to breach systems and by attackers that already have access to a system and want to hop on others on the same network. It can also be exploited without the vulnerable system's user doing anything at all (aka "zero-click" exploitation). READ MORE...


Juniper Networks Patches Vulnerabilities in Contrail Networking, Junos OS

Juniper Networks this week announced the release of patches for more than 30 vulnerabilities across its portfolio, including severe flaws in Contrail Networking and Junos OS. Two advisories describing a total of 13 security holes in the Contrail Networking software-defined networking (SDN) solution were published this week, with seven of the bugs carrying a CVSS score above 9.0. READ MORE...

Malware

US uncovers "Swiss Army knife" for hacking industrial control systems

Malware designed to target industrial control systems like power grids, factories, water utilities, and oil refineries represents a rare species of digital badness. So when the United States government warns of a piece of code built to target not just one of those industries, but potentially all of them, critical infrastructure owners worldwide should take notice. READ MORE...


Information-stealing malware is spreading widely on Telegram, Cisco Talos says

A new information stealer - dubbed "ZingoStealer" by the Cisco Talos researchers who identified the malware last month - is now being shared prolifically on Telegram by the Haskers Gang, a collective of cybercriminals. The gang has been targeting Russian speakers and gamers, Nick Biasini, the head of outreach for Cisco Talos told CyberScoop. Victims think they're receiving a file with game cheats, pirated software or some other useful item, but it's the malware instead. READ MORE...


New 'Enemybot' DDoS Botnet Targets Routers, Web Servers

A recently identified DDoS botnet has targeted several router models and various types of web servers by exploiting known vulnerabilities, Fortinet warns. Dubbed Enemybot, the botnet appears to be the work of Keksec, an established cybercrime group that specializes in DDoS attacks and cryptocurrency mining. The malware was built using the source code of the Gafgyt (Bashlite) botnet with some modules borrowed from the infamous Mirai botnet, including the scanner module and a bot killer module. READ MORE...

On This Date

  • ...in 1452, Italian painter, sculptor, and architect Leonardo da Vinci is born in Florence.
  • ...in 1865, at 7:22 a.m., Abraham Lincoln, the 16th president of the United States, dies from a bullet wound inflicted the night before by John Wilkes Booth.
  • ...in 1912, the British ocean liner Titanic sinks into the North Atlantic Ocean about 400 miles south of Newfoundland, Canada.
  • ...in 1947, Jackie Robinson, age 28, becomes the first African American player in Major League Baseball.