AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 06/06/2022

Evil Corp affiliates are using off-the-shelf ransomware to evade sanctions

Hackers likely affiliated with the notorious Russian cybercrime group Evil Corp are using off-the-shelf ransomware to evade U.S. sanctions, researchers at security firm Mandiant have found. The researchers’ observations, published Thursday, are just the latest example of how cybercriminals affiliated with Evil Corp have shifted tactics after U.S. sanctions in 2019 increased scrutiny over transactions with the group. The group, which had already started pivoting from broader financial crimes to ransomware prior to 2019, has since been tied by multiple researchers to a number of different malware strains including WASTEDLOCKER and HADES ransomware.


Parental controls: What they can and can’t do for you

Parental controls can be useful to limit the risks your children run into online, but you should know up front that they cannot eliminate every risk out there. Parents and adults everywhere are understandably having a hard time keeping up with the favored social networks of children and adolescents, and that’s because the more “grown-ups” who sign up for these platforms, the less attractive they become for kids. So, even though you may be fully versed in Facebook, tough luck, because your children may have moved on without you knowing about it. Also, never underestimate the online skills of young ones—they almost certainly know a lot more about all things “cyber” than you did at that age. Feeling the loss of control of your children’s digital lives can be hard to accept, which is why so many parents turn to parental controls to better understand what their kids are doing and how they can keep them safe.


Exploitation of Atlassian Confluence zero-day surges fifteen-fold in 24 hours

The exploitation of a critical-severity remote code execution (RCE) zero-day flaw in Atlassian Confluence Server and Data Center has increased by nearly fifteen times in the two days since active attacks were first registered. Experts at internet security firm GreyNoise said the number of unique IP addresses launching attacks using the RCE flaw, tracked as CVE-2022-26134, has risen from 28 to 400 since Friday when exploitation began. Cyber security company Volexity first reported that it discovered the RCE vulnerability over the US’ Memorial Day weekend (28-30 May) after noticing suspicious activity on two internet-facing web servers. It was assigned a CVE tracking code on 31 May and Volexity published its findings last week, with a clear rise in active exploits on current versions following a day after, on 3 June.


Tech pros have low confidence in supply chain security

Security threats have heightened the supply chain challenges enterprises have faced over the past two years, and a new ISACA survey report finds only 44% of IT professionals surveyed have high confidence in the security of their organization’s supply chain. Furthermore, 30% said their organization’s leaders don’t have a sufficient understanding of supply chain risks, and the future doesn’t look much better—53% said supply chain issues will stay the same or worsen over the next six months, according to the report by the professional association, which focuses on IT governance. The report includes responses from more than 1,300 IT professionals with supply chain insight, 25% of whom noted that their organization experienced a supply chain attack in the last 12 months, the ISACA said.


Apple: These are the sorts of apps we blocked from our App Store last year

Apple says it prevented over 1.6 million risky and untrustworthy apps and app updates from reaching the App Store and stopped over $1.5 billion in fraudulent transactions in 2021. Apple produced its first fraud prevention analysis last year, detailing it had prevented one million potentially bad apps from the App Store and protected customers from nearly $1.5 billion in potentially fraudulent transactions in 2020. In 2021, Apple rejected 34,500 apps for containing hidden or undocumented features, down from 48,000 in 2020. It also rejected 157,000 apps for being spam, copycats, or misleading to users, up from 150,000 in 2020. And it rejected 343,000 apps for privacy violations in 2021, up from 215,000 a year prior. 


EU deal on single mobile charging port likely June 7 in setback for Apple

EU countries and EU lawmakers are set to agree on a common charging port for mobile phones, tablets and headphones on June 7 when they meet to discuss a proposal that has been fiercely criticised by Apple (AAPL.O), people familiar with the matter said. The proposal for a single mobile charging port was first broached by the European Commission more than a decade ago after iPhone and Android users complained about having to use different chargers for their phones. The former is charged from a Lightning cable while Android-based devices are powered using USB-C connectors.
