The disruption of tens of thousands of Viasat consumer broadband modems across central Europe on Feb. 24 when Russia invaded Ukraine may have involved "AcidRain" wiper malware, security researchers at SentinelOne report. Viasat says those findings are "consistent" with the known facts of the attack.
Two serious remote-code-execution vulnerabilities have been discovered in VMware's widely used Spring, which is a platform for building online applications. With at least one of the vulnerabilities already being actively exploited, VMware urges immediate patching.
Researchers have observed a growing number of threat actors using the Russia-Ukraine war as a lure in phishing and malware campaigns to target the military of multiple Eastern European countries, as well as a NATO Center of Excellence, according to Google's Threat Analysis Group.
Hackers have allegedly managed to breach the infrastructure belonging to Russia's Federal Air Transport Agency, or Rosaviatsiya, and wiped out its entire database and files consisting of 65TB of data, including documents, files, aircraft registration data and emails from the servers.
Globant, the Luxembourg-based software development company, on Thursday confirmed that an undisclosed actor - reportedly Lapsus$ - has illegally accessed the company's code repository, containing source code associated with some of its clients.
This edition analyzes how hackers exploited a misconfigured VPN device, gained access to Viasat's satellite network and caused a massive outage in Europe as Russia's invasion of Ukraine began. It also examines the invasion's impact on financial services and how to modernize security operations.
Sophos says it has provided a fix to a critical RCE bug known to be actively exploited primarily in South Asia. Sophos says no customer action is needed if the "Allow automatic installation of hotfixes" feature is enabled, but versions close to their end of life need manual configuration.
Communications company Viasat says it's been replacing about 30,000 broadband modems to restore service for customers in central Europe affected by a Feb. 24 attack that disrupted part of its satellite communications network and left modems unable to connect.
Days after the recent Okta data breach, parts of a security report, allegedly created by Mandiant, were leaked, giving the breach timeline and how the threat group gained access to Okta's environment. Security experts, including an Okta customer, discuss the report, supply chain risks and redress.
With the rapidly changing threat landscape, protecting your enterprise from breaches and account takeover fraud has never been a bigger challenge. Fraud teams have the challenges of understanding customer identities and human behaviors regardless of how many devices and accounts they use.
Europol on Tuesday announced the arrest of more than 100 individuals who were detained for their suspected roles in an international call center scam. The suspects arrested are believed to have turned an illegal profit of over 3 million euros per month with this scam.
The Russia-Ukraine war has altered the risks facing organizations that use Russian technology or services, including the increased threat of being directly targeted, as well as disruptions caused by any new sanctions, warns Britain's National Cyber Security Center.
On Monday, Ukrainian ISP Ukrtelecom was hit by a cyberattack that reduced its services, the SSSCIP of Ukraine says. It is reportedly the largest outage since Russia invaded Ukraine. Meanwhile, Russia’s internet services could be affected by a shortage of equipment due to ongoing sanctions.
Cyber experts recommend security teams stay on high alert in protecting enterprise networks as Russia launches cyberattacks against Ukraine, atop its ground invasion. This thread serves as a comprehensive security-related news thread for the Russia-Ukraine conflict.
Google's threat analysis team has detected a new remote code execution flaw leveraged by North Korean nation-state attackers targeting cryptocurrency, fintech and other industries. Although not named in the report, there appears to be a link to the notorious Lazarus cybercrime group.