Cyber Threats
This Week in Security News - April 1, 2022
Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about Trend Micro’s findings on cloud-based crypto mining. Also, read up on Lapsus$’s return from vacation as they go after IT giant Globant in their latest attack.
Read on:
Probing the Activities of Cloud-Based Cryptocurrency-Mining Groups
Trend Micro‘s research into cloud-based cryptocurrency mining sheds light on the malicious actor groups involved in this space, their ongoing battle for cloud resources, and the actual extent of the impact of their attacks.
Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers’ DevOps platforms – to its hit list. The Lapsus$ data extortionists are back from a week-long “vacation” and posted images of exfiltrated data and admin credentials, purportedly belonging to Globant’s customers. The credentials unlock several of the company’s Atlassian suite DevOps platforms, including GitHub, Jira, Confluence and the Crucible code-review tool.
An In-Depth Look at ICS Vulnerabilities Part 1
Every year, vulnerabilities are discovered and registered to a Common Vulnerabilities and Exposures (CVE) ID by the MITRE Corporation. Each vulnerability’s details are recorded, and specialists also include how to mitigate them under their CVE ID. In this blog series, Trend Micro conducts an in-depth look at ICS vulnerabilities using MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS.
As White House Warns of Cybersecurity Threats, 600,000 Jobs Are Open
The war for talent has been well-telegraphed throughout the country, but it’s particularly acute in cybersecurity. And it’s only worsened as competition in the broader labor market has heated up, heightening companies’ potential vulnerability to hackers and the urgency to boost the workforce.
A multi-faceted cyberattack at the onset of Russia's war on Ukraine knocked out internet service for tens of thousands of satellite modems in Ukraine and elsewhere in Europe.. It's the most detailed public account yet of one of the most consequential hacks of the war. US officials are investigating the incident as a potential Russian state-sponsored cyberattack.
Google: Multiple Hacking Groups Are Using the War in Ukraine as a Lure in Phishing Attempts
Hostile hacking groups are exploiting Russia's invasion of Ukraine to carry out cyberattacks designed to steal login credentials, sensitive information, money and more from victims around the world. In just the last two weeks alone, Google has seen several hacking groups looking to take advantage of the war to fulfil their malicious aims, whether that's stealing information, stealing money, or something else.
Biden Requests Nearly $11B for Federal Cybersecurity Spending
President Joe Biden's 2023 IT federal civilian budget proposal published this week increases funding from $58.2 billion to $65.8 billion — including $11 billion in new funding for cybersecurity spending for fiscal 2023. Some $2.5 billion of the cybersecurity budget is earmarked for the Cybersecurity and Infrastructure Security Agency (CISA), nearly $500 million more than last year.
What did you find most interesting about Trend Micro’s crypto mining report? Tweet me on Twitter to continue the conversation: @JonLClay.