Weekday Digest – 4/5/2022 (Tuesday)

Information from Monday afternoon to Tuesday morning.

News/Intelligence/IOCs Stories

  • CISA Adds Four Known Exploited Vulnerabilities to Catalog – LINK
  • Zyxel patches critical vulnerability that can allow Firewall and VPN hijacks – LINK
  • Cyclops Blink Malware Targeting WatchGuard Firewalls – LINK
  • Lapsus$ Threat Actor Demonstrates Access to Backend Okta Tooling – LINK
  • Ransomware Will Grind You Down Without Proper Precautions, FBI Tells Local Governments – LINK
  • Millions of Installations Potentially Vulnerable to Spring Framework Flaw – LINK
  • VMware released updates to fix the Spring4Shell vulnerability in multiple products – LINK
  • GitHub can now auto-block commits containing API keys, auth tokens – LINK
  • Germany Shuts Down Russian Hydra DarkNet Market; Seize $25 Million in Bitcoin – LINK
  • CISA adds Spring4Shell flaw to its Known Exploited Vulnerabilities Catalog – LINK
  • Academics Devise Side-Channel Attack Targeting Multi-GPU Systems – LINK
  • Singapore looks to drive maritime innovation, cybersecurity resilience – LINK
  • Is API Security on Your Radar? – LINK
  • Palestinian Lawyer Sues Pegasus Spyware Maker in France – LINK
  • Researchers Trace Widespread Espionage Attacks Back to Chinese ‘Cicada’ Hackers – LINK
  • US judge sentences men for $1.5 million Apple Gift Card scam – LINK
  • CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability – LINK
  • WhatsApp voice message phishing emails push info-stealing malware – LINK
  • Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload – LINK
  • CISA advises D-Link users to take vulnerable routers offline – LINK
  • Spring4Shell – A Deep Understanding (CVE-2022-22965) – LINK

Regulation Related Stories

  • State Department Announces Bureau of Cyberspace and Digital Policy – LINK
  • (Australia) – More cops to start using national real-time criminal intelligence system – LINK

Russia/Ukraine War Related Stories

  • CFC Response to Russia / Ukraine Tensions and Potential Cyber-Attacks in Retaliation to Western Sanctions – LINK
  • Russians bypass website blocks to access Western news sources – LINK
  • Ukraine spots Russian-linked ‘Armageddon’ phishing attacks – LINK
  • New Analysis: The CaddyWiper Malware Attacking Ukraine – LINK

Vulnerability Related

  • “Dirty Pipe” Linux Kernel Local Privilege Escalation (LPE) Vulnerability (CVE-2022-0847) – LINK
  • Vulnerability Summary for the Week of March 28, 2022 – LINK
  • Yokogawa Patches Flaws Allowing Disruption, Manipulation of Physical Processes – LINK

New Breach Related Stories

  • Hackers breach MailChimp’s internal tools to target crypto customers – LINK
  • Wind Turbine Giant Nordex Shuts Down IT Systems in Response to Cyberattack – LINK