Updates as of 3/30/2022

Note: I am going to start the data as such. I will post the “updates” roughly around 10am (central time) each day. Anything that comes out after that will go into the next day and will be posted at noon the next day. The sections below will evolve a little over time. If you have suggestions as to how to better organize the below, please email me at John <@> SecurityThreatNews[.]com. I am always happy to hear criticism/commentary.

News/Intelligence/IOCs Stories

  • Compromised WordPress sites launch DDoS on Ukrainian websites – LINK
  • Wyze Cam flaw lets hackers remotely access your saved videos – LINK
  • CISA warns of attacks targeting Internet-connected UPS devices – LINK
  • FBI warns election officials of credential phishing attacks – LINK
  • Mars Stealer malware pushed via OpenOffice ads on Google – LINK
  • Log4JShell Used to Swarm VMware Servers with Miners, Backdoors – LINK
  • Mutating Verblecon malware in illicit cryptomining … so far – LINK
  • FBI says Russian hackers scanning US energy systems – LINK
  • Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests” – LINK
  • Ubiquiti files defamation lawsuit against Krebs of Krebs on Security – LINK
  • Detailed: Critical hijacking bugs that took months to patch in Microsoft Azure Defender for IoT – LINK
  • This new ransomware targets data visualization tool Jupyter Notebook – LINK
  • Growing Concern – UK Cyber Security Centre advises review of risk posed by Russian tech – LINK
  • An In-Depth Look at ICS Vulnerabilities Part 1 – LINK
  • Phishing campaign targets Russian govt dissidents with Cobalt Strike – LINK
  • MSHTML Flaw Exploited to Attack Russian Dissidents – LINK
  • Viasat shares details on KA-SAT satellite service cyberattack – LINK
  • Mazda Infotainment Crash Shows How Fragile Car Security Really Is – LINK
  • Remcos Trojan KillChain Breakdown by Morphisec – LINK
  • Top 3 Stealer Malware Activity Research by BrandDefense – LINK

Vulnerability Related

Breach Related Stories

  • Shutterfly discloses data breach after Conti ransomware attack – LINK
  • $620 million in crypto stolen from Axie Infinity’s Ronin bridge – LINK
  • LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data – LINK