Updates as of 3/31/2022

I have added a new section called Government/Regulation/Russia/Ukraine War Related Stories. It will mostly cover stories relating to the legal/law side of government, as well as those specifically about the Russian/Ukrainian War.

News/Intelligence/IOCs Stories

  • FBI Releases PIN on Phishing Campaign against U.S. Election Officials – LINK
  • VMware Horizon platform pummeled by Log4j-fueled attacks – LINK
  • Hive ransomware uses new ‘IPfuscation’ trick to hide payload – LINK
  • Remote ‘Brokenwire’ Hack Prevents Charging of Electric Vehicles – LINK
  • Ubiquiti sues Krebs on Security for defamation – LINK
  • Microsoft: These are the Windows Update policies you should set for your PCs (and rollercoasters) – LINK
  • Expect ‘long tail of cyber retaliation’ from Russia for sanctions, says ExtraHop CEO – LINK
  • Russia, Iran, Saudi Arabia are top sources of online misinformation – LINK
  • Palo Alto Networks error exposed customer support cases, attachments – LINK

Government/Regulation/Russia/Ukraine War Related Stories

  • Google: Russian war increasingly used as malware, phishing lure – LINK
  • United States – White House Proposed FY 2023 Budget Includes $500M Budget Bump for CISA – LINK
  • United States – US national emergency extended due to elevated malicious cyber activity – LINK
  • Australia – Public sector data sharing laws pass parliament with Labor changes – LINK
  • Australia – Australia’s second tranche of cyber laws passes both Houses – LINK
  • Hackers Increasingly Using ‘Browser in a Browser’ Technique in Ukraine Related Attacks – LINK
  • Nation-State Hackers Ramp Up Ukraine War-Themed Attacks – LINK

Vulnerability Related

  • QNAP warns severe OpenSSL bug affects most of its NAS devices – (CVE-2022-0778) – LINK
  • “VMware Spring Cloud” Java bug gives instant remote code execution – update now! – (no CVE yet) – LINK

Breach Related Stories

  • Sephora Data Leak Impacts Nearly 500,000 Customers – LINK
  • US healthcare data breach impacts 85,000 law enforcement officers – LINK
  • Lapsus$ Cyberattack Victim List: Globant, Microsoft, Nvidia, Okta, Samsung – LINK
  • LockBit victim estimates cost of ransomware attack to be $42 million – LINK