Microsoft has successfully disrupted attacks against Ukrainian targets coordinated by the Russian APT28 hacking group after taking down seven domains used as attack infrastructure. Strontium (also tracked as Fancy Bear or APT28), linked to Russia's military intelligence service GRU, used these domains to target multiple Ukrainian institutions, including media organizations. READ MORE...
Facebook today reported an increase in attacks on accounts run by Ukraine military personnel. In some cases, attackers took over accounts and posted "videos calling on the Army to surrender," but Facebook said it blocked sharing of the videos. Specifically, Facebook owner Meta's Q1 2022 Adversarial Threat Report said it has "seen a further spike in compromise attempts aimed at members of the Ukrainian military by Ghostwriter." READ MORE...
An update to Raspberry Pi OS Bullseye has removed the default 'pi' user to make it harder for attackers to find and compromise Internet-exposed Raspberry Pi devices using default credentials. Starting with this latest release, when installing the OS, you will first be prompted to create an account by choosing a username and password (before this change, the OS installer would only ask for a custom password). READ MORE...
March Patch Tuesday releases followed in the footsteps of February with low numbers of CVEs reported and resolved, and all updates rated as important except one critical update for Microsoft Exchange Server. Could April Patch Tuesday provide the deluge of critical updates we were expecting last month? Microsoft has clearly been busy working on security improvements in multiple arenas. READ MORE...
Security researchers have discovered the first malware specifically developed to target Amazon Web Services (AWS) Lambda cloud environments with cryptominers. AWS Lambda is a serverless computing platform for running code from hundreds of AWS services and software as a service (SaaS) apps without managing servers. The new malware, dubbed Denonia by Cado Security researchers who spotted it being used in limited attacks, is a Go-based wrapper designed to mine for Monero cryptocurrency. READ MORE...