Updates as of 4/1/2022

News/Intelligence/IOCs Stories

  • New AcidRain data wiper malware targets modems and routers – LINK
  • Chinese hacking group uses new ‘Fire Chili’ Windows rootkit – LINK
  • Researchers used a decommissioned satellite to broadcast hacker TV – LINK
  • Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks – LINK
  • The Windows Update policies you should set and why – LINK
  • Phishing uses Azure Static Web Pages to impersonate Microsoft – LINK
  • Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit – LINK
  • Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit – LINK
  • Sitel on Okta breach: “spreadsheet” did not contain passwords – LINK
  • PCI Data Security Standard v4.0 Released to Address Emerging Threats – LINK
  • Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems – LINK

Regulation/Russia/Ukraine War Related Stories

  • Meet BlackGuard: a new infostealer peddled on Russian hacker forums – LINK
  • FBI adds LAPSUS$ data extortion gang to its “Most Wanted” list – LINK
  • FBI: Ransomware attacks are piling up the pressure on public services – LINK
  • Google: Russian credential thieves target NATO, Eastern European military – LINK
  • CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog – LINK
  • Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked – LINK

Vulnerability Related

  • CISA Adds Eight Known Exploited Vulnerabilities to Catalog – LINK
  • Two different “VMware Spring” bugs at large – we cut through the confusion – LINK
  • CISA Releases Security Advisories for Rockwell Automation Products – (CVE-2022-1161) – LINK, LINK2
  • Apple emergency update fixes zero-days used to hack iPhones, Macs – (CVE-2022-22674 and CVE-2022-22675) – LINK
  • Zyxel patches critical bug affecting firewall and VPN devices – (CVE-2022-0342) – LINK
  • Linux secure networking security bug found and fixed – (CVE-2022-2766) – LINK
  • GitLab Critical Security Release: 14.9.2, 14.8.5, and 14.7.7 – LINK