<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 3/1/2022

SHARE

Top News

Researchers Warn of Stealthy Chinese Backdoor Targeting Multiple Foreign Agencies

A stealthy backdoor program used by China-linked threat actors has targeted government computers at multiple foreign agencies, allowing attackers to retain a presence on sensitive networks and exfiltrate data while remaining undetected. A stealthy backdoor program discovered in tools used by China-linked threat actors has targeted government computers at multiple foreign agencies, allowing attackers to retain a presence on sensitive networks and exfiltrate data - while remaining undetected. READ MORE...

Breaches

Toyota Halts Production After Suspected Supply Chain Attack

Japanese automobile giant Toyota says it will halt production at all 28 lines of its 14 plants in Japan starting March 1, after a "system failure" at a supplier caused problems with its just-in-time production control system. The partner company, Kojima Industries, supplies Toyota with parts used in the vehicle's exterior as well as composite and plastic parts used in the vehicle's interior, including air-conditioning and steering wheel components. READ MORE...

Hacking

Ukraine says its 'IT Army' has taken down key Russian sites

Key Russian websites and state online portals have been taken offline by attacks claimed by the Ukrainian cyber police force, which now openly engages in cyber-warfare. As the announcement of the law enforcement agency's site details, specialists from the force have teamed with volunteers to attack the web resources of Russia and Belarus. The three countries are currently involved in an ongoing and large-scale armed forces conflict that includes a cyber frontline, which manifested even before the invasion. READ MORE...


Instagram scammers as busy as ever: passwords and 2FA codes at risk

We monitor a range of email addresses related to Naked Security, so we receieve a regular (a word we are using here to mean "unrelenting") supply of real-world spams and scams. Some of our email addresses are obviously directly associated with various Sophos-related social media accounts, others are more general business-oriented addresses, and some are just regular, consumer-style emails. READ MORE...

Information Security

Unusual sign-in activity mail goes phishing for Microsoft account holders

We've received an interesting spam email which (deliberately or not) could get people thinking about the current international crisis. Being on your guard will pay dividends over the coming days and weeks, as more of the below is sure to follow. The email's subject line, "Microsoft account unusual sign-in activity", is always guaranteed to attract some attention. READ MORE...

Exploits/Vulnerabilities

CISA, FBI Issue Warnings on WhisperGate, HermeticWiper Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released indicators of compromise to help threat hunters look for signs of WhisperGate and HermeticWiper, two destructive malware files seen in recent attacks against organizations in Ukraine. Both malware families are destructive in nature: they were designed to wipe the Master Boot Record (MBR) of the victim system to render it inoperable. READ MORE...

On This Date

  • ...in 1803, Ohio becomes the 17th state of the United States.
  • ...in 1944, The Who lead singer Roger Daltrey ("My Generation", "Pinball Wizard") is born in London, England.
  • ...in 1990, games publisher Steve Jackson Games is raided by the U.S. Secret Service, after their cyberpunk role-playing game is mistaken for an actual hacking guide.
  • ...in 1998, James Cameron's "Titanic" becomes the first motion picture to gross over $1 billion worldwide.