Cyber Threats
This Week in Security News March 4, 2022
Global Cyberattacks: How to manage risk in times of chaos, and Ukraine-Russia cyber warzone splits cyber underground
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about best practises to manage cyber risk as global tensions rise. Also, read about how the Ukraine-Russian conflict is splitting the cyber underground.
Read on:
Global Cyberattacks: How to Manage Risk in Times of Chaos
As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience. Evidence of widespread defacement of government websites, and targeted attacks against government agencies and financial institutions serve yet another layer of risk to deal with, and it has never been more important to be on top of your security game. Trend Micro shares 5 best practises to manage cyber risk.
Ukraine-Russia Cyber Warzone Splits Cyber Underground
The Russia-Ukraine cyber warzone has split the Conti ransomware gang into warring factions, leading to a Ukrainian member spilling 60,000 of the group’s internal chat messages online. The conversations date back 13 months, from Jan. 29, 2021 to yesterday, Feb. 27 2022. The first dump contains 339 JSON files, with each file representing a full day’s log. Many of the messages are written in a Cyrillic-scripted language that appears, at least according to Google translate, to be Russian.
SMS PVA Part 2: Underground Service for Cybercriminals
In part two of Trend Micro’s series on SMS PVA, Trend Micro discusses how smspva.net and Android SMS interception works hand in hand. We’ll also illustrate an example of how users can use smspva.net to get an SMS verification code without using their own mobile number.
Toyota Suspends Domestic Factory Operations After Suspected Cyber Attack
Toyota said it suspended Japan factory operations, losing around 13,000 cars of output, after a supplier of plastic parts and electronic components was hit by a suspected cyberattack. No information was immediately available about who was behind the possible attack or the motive. The attack comes just after Japan joined Western allies in clamping down on Russia after it invaded Ukraine, although it was not clear if the attack was at all related.
Cyberattacks are Prominent in the Russia-Ukraine Conflict
Alongside the physical conflict happening between Russia and Ukraine, there have been an increasing number of alleged cyberattacks perpetrated by different groups. Trend Micro’s research teams have verified and validated internal data and external reports to provide accurate information that can be used to strengthen defences against these attacks and will continuously update this blog with validated threats as more events unfold.
Microsoft Says it Informed the Ukrainian Government About Cyberattacks
Microsoft said it’s been informing Ukraine about cyberattacks on civilian and military targets, though the software maker didn’t attribute the attacks to any specific actors. U.S. tech companies are responding in myriad ways to Russia’s invasion of Ukraine. Facebook owner Meta and Google parent Alphabet have announced efforts designed to tamp down misinformation on their platforms.
Companies' Code Leaking More Passwords and Secrets
Organisations leaked more than 6 million passwords, API keys, and other sensitive data — collectively known as development "secrets" — in 2021, doubling the number from the previous year, according to a new GitGuardian report published today. The report accounted for the fact that more code is being pushed to repositories and better detection capabilities are available.
Nvidia Confirms Company Data Was Stolen in Hack
Nvidia has confirmed that hackers stole data from the company during last week's breach. Nvidia didn’t specify what was stolen. But the group behind the breach, LAPSUS$, claims it looted 1TB of data, including files about Nvidia hardware and software. The hackers are now demanding the company pay up in cryptocurrency to keep the data secret. However, LAPSUS$ told us Nvidia has yet to reach out.
Has your organisation implements any of Trend Micro’s best practises for managing cyber risk? Tweet me on Twitter to continue the conversation: @JonLClay.