Nearly 34 Ransomware Variants Observed in Hundreds of Cyberattacks in Q4 2021

Nearly 34 Ransomware Variants Observed in Hundreds of Cyberattacks in Q4 2021,

As many as 722 ransomware attacks were observed during the fourth quarter of 2021, with LockBit 2.0, Conti, PYSA, Hive, and Grief emerging as the most prevalent strains, according to new research published by Intel 471.
The attacks mark an increase of 110 and 129 attacks from the third and second quarters of 2021, respectively. In all, 34 different ransomware variants were detected during the

,

As many as 722 ransomware attacks were observed during the fourth quarter of 2021, with LockBit 2.0, Conti, PYSA, Hive, and Grief emerging as the most prevalent strains, according to new research published by Intel 471.
The attacks mark an increase of 110 and 129 attacks from the third and second quarters of 2021, respectively. In all, 34 different ransomware variants were detected during the

, ,
https://thehackernews.com/2022/03/nearly-34-ransomware-variants-observed.html

CaddyWiper: Yet Another Data Wiping Malware Targeting Ukrainian Networks

CaddyWiper: Yet Another Data Wiping Malware Targeting Ukrainian Networks,

Two weeks after details emerged about a second data wiper strain delivered in attacks against Ukraine, yet another destructive malware has been detected amid Russia’s continuing military invasion of the country.
Slovak cybersecurity company ESET dubbed the third wiper « CaddyWiper, » which it said it first observed on March 14 around 9:38 a.m. UTC. Metadata associated with the executable (« 

,

Two weeks after details emerged about a second data wiper strain delivered in attacks against Ukraine, yet another destructive malware has been detected amid Russia’s continuing military invasion of the country.
Slovak cybersecurity company ESET dubbed the third wiper « CaddyWiper, » which it said it first observed on March 14 around 9:38 a.m. UTC. Metadata associated with the executable (« 

, ,
https://thehackernews.com/2022/03/caddywiper-yet-another-data-wiping.html

Massive DDoS Attack Knocked Israeli Government Websites Offline

Massive DDoS Attack Knocked Israeli Government Websites Offline,

A number of websites belonging to the Israeli government were felled in a distributed denial-of-service (DDoS) attack on Monday, rendering the portals inaccessible for a short period of time.
« In the past few hours, a DDoS attack against a communications provider was identified, » the Israel National Cyber Directorate (INCD) said in a tweet. « As a result, access to several websites, among them

,

A number of websites belonging to the Israeli government were felled in a distributed denial-of-service (DDoS) attack on Monday, rendering the portals inaccessible for a short period of time.
« In the past few hours, a DDoS attack against a communications provider was identified, » the Israel National Cyber Directorate (INCD) said in a tweet. « As a result, access to several websites, among them

, ,
https://thehackernews.com/2022/03/massive-ddos-attack-knocked-israeli.html

‘Dirty Pipe’ Linux Flaw Affects a Wide Range of QNAP NAS Devices

‘Dirty Pipe’ Linux Flaw Affects a Wide Range of QNAP NAS Devices

,

Network-attached storage (NAS) appliance maker QNAP on Monday warned of a recently disclosed Linux vulnerability affecting its devices that could be abused to elevate privileges and gain control of affected systems.
« A local privilege escalation vulnerability, also known as ‘Dirty Pipe,’ has been reported to affect the Linux kernel on QNAP NAS running QTS 5.0.x and QuTS hero h5.0.x, » the company

,

Network-attached storage (NAS) appliance maker QNAP on Monday warned of a recently disclosed Linux vulnerability affecting its devices that could be abused to elevate privileges and gain control of affected systems.
« A local privilege escalation vulnerability, also known as ‘Dirty Pipe,’ has been reported to affect the Linux kernel on QNAP NAS running QTS 5.0.x and QuTS hero h5.0.x, » the company

, ,
https://thehackernews.com/2022/03/dirty-pipe-linux-flaw-affects-wide.html

Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords

Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords,

French video game company Ubisoft on Friday confirmed it was a victim of a « cyber security incident, » causing temporary disruptions to its games, systems, and services.
The Montreuil-headquartered firm said that an investigation into the breach was underway and that it has initiated a company-wide password reset as a precautionary measure.
« Also, we can confirm that all our games and services

,

French video game company Ubisoft on Friday confirmed it was a victim of a « cyber security incident, » causing temporary disruptions to its games, systems, and services.
The Montreuil-headquartered firm said that an investigation into the breach was underway and that it has initiated a company-wide password reset as a precautionary measure.
« Also, we can confirm that all our games and services

, ,
https://thehackernews.com/2022/03/gaming-company-ubisoft-confirms-it-was.html

Why Enterprise Threat Mitigation Requires Automated, Single-Purpose Tools

Why Enterprise Threat Mitigation Requires Automated, Single-Purpose Tools,

As much as threat mitigation is to a degree a specialist task involving cybersecurity experts, the day to day of threat mitigation often still comes down to systems administrators. For these sysadmins it’s not an easy task, however. In enterprise IT, sysadmins teams have a wide remit but limited resources.
For systems administrators finding the time and resources to mitigate against a growing

,

As much as threat mitigation is to a degree a specialist task involving cybersecurity experts, the day to day of threat mitigation often still comes down to systems administrators. For these sysadmins it’s not an easy task, however. In enterprise IT, sysadmins teams have a wide remit but limited resources.
For systems administrators finding the time and resources to mitigate against a growing

, ,
https://thehackernews.com/2022/03/why-enterprise-threat-mitigation.html

Russian Ransomware Gang Retool Custom Hacking Tools of Other APT Groups

Russian Ransomware Gang Retool Custom Hacking Tools of Other APT Groups,

A Russian-speaking ransomware outfit likely targeted an unnamed entity in the gambling and gaming sector in Europe and Central America by repurposing custom tools developed by other APT groups like Iran’s MuddyWater, new research has found.
The unusual attack chain involved the abuse of stolen credentials to gain unauthorized access to the victim network, ultimately leading to the deployment of

,

A Russian-speaking ransomware outfit likely targeted an unnamed entity in the gambling and gaming sector in Europe and Central America by repurposing custom tools developed by other APT groups like Iran’s MuddyWater, new research has found.
The unusual attack chain involved the abuse of stolen credentials to gain unauthorized access to the victim network, ultimately leading to the deployment of

, ,
https://thehackernews.com/2022/03/russian-ransomware-gang-retool-custom.html

New Linux Bug in Netfilter Firewall Module Lets Attackers Gain Root Access

New Linux Bug in Netfilter Firewall Module Lets Attackers Gain Root Access,

A newly disclosed security flaw in the Linux kernel could be leveraged by a local adversary to gain elevated privileges on vulnerable systems to execute arbitrary code, escape containers, or induce a kernel panic.
Tracked as CVE-2022-25636 (CVSS score: 7.8), the vulnerability impacts Linux kernel versions 5.4 through 5.6.10 and is a result of a heap out-of-bounds write in the netfilter

,

A newly disclosed security flaw in the Linux kernel could be leveraged by a local adversary to gain elevated privileges on vulnerable systems to execute arbitrary code, escape containers, or induce a kernel panic.
Tracked as CVE-2022-25636 (CVSS score: 7.8), the vulnerability impacts Linux kernel versions 5.4 through 5.6.10 and is a result of a heap out-of-bounds write in the netfilter

, ,
https://thehackernews.com/2022/03/new-linux-bug-in-netfilter-firewall.html

Researchers Find New Evidence Linking Kwampirs Malware to Shamoon APT Hackers

Researchers Find New Evidence Linking Kwampirs Malware to Shamoon APT Hackers,

New findings released last week showcase the overlapping source code and techniques between the operators of Shamoon and Kwampirs, indicating that they « are the same group or really close collaborators. »
« Research evidence shows identification of co-evolution between both Shamoon and Kwampirs malware families during the known timeline, » Pablo Rincón Crespo of Cylera Labs said.
« If Kwampirs is

,

New findings released last week showcase the overlapping source code and techniques between the operators of Shamoon and Kwampirs, indicating that they « are the same group or really close collaborators. »
« Research evidence shows identification of co-evolution between both Shamoon and Kwampirs malware families during the known timeline, » Pablo Rincón Crespo of Cylera Labs said.
« If Kwampirs is

, ,
https://thehackernews.com/2022/03/researchers-find-new-evidence-linking.html

Multiple Security Flaws Discovered in Popular Software Package Managers

Multiple Security Flaws Discovered in Popular Software Package Managers,

Multiple security vulnerabilities have been disclosed in popular package managers that, if potentially exploited, could be abused to run arbitrary code and access sensitive information, including source code and access tokens, from compromised machines.
It’s, however, worth noting that the flaws require the targeted developers to handle a malicious package in conjunction with one of the affected

,

Multiple security vulnerabilities have been disclosed in popular package managers that, if potentially exploited, could be abused to run arbitrary code and access sensitive information, including source code and access tokens, from compromised machines.
It’s, however, worth noting that the flaws require the targeted developers to handle a malicious package in conjunction with one of the affected

, ,
https://thehackernews.com/2022/03/multiple-security-flaws-discovered-in.html