21 min read

This Week's [in]Security - Issue 262

Picture of CG Blogger CG Blogger : Apr 10, 2022 9:24:00 AM

[in]security Microsoft Magecart Whatsapp Hydra Mailchimp Lambda Spring4Shell

Welcome to This Week’s [in]Security. PCI and payments: PCI related: PCI vs Magecart, Skimmers. Payments, Visa. New breaches: Yandex, MailChimp, Block, Parker-Hannifin, CashMama, Sask: SLGA, Medical. New Ransomware: Finland, The Works. Major outages, Atlassian. Follow-ups & Fall-out: Shopify, FIN7, Travelio. Privacy: Google, EU facial, NFTs. Laws & Regs - Canada: Cross-border CLOUD, Online News Act, Copyright. US: Anti-trust, Cyberpolicy, Indiana. World: UK, Palestine, Singapore, China. Standards: Blockchain, Patching. Defense: Training & events, Pre-emption, Medical devices, End-to-end, GitHub secrets & supply chain, fuzzing, Chrome, Microsoft, Pi. Vulnerabilities, Advisories. Zerodays. Patching: Vmware, GitLab, Zyxel, Android, Apple unpatched. Other: Linux, Spring4Shell, Wyze, WatchGuard. Vulnerability research: ICS. Crypto-research: GPRS, PQC. Cybercrime: Trends: Groups, WhatsApp, Lambda, Self-Spam. Crime & Enforcement: Hydra, Cyclops, gift cards, spies. Nation States and mercenaries: China, Hamas. Other: Wordpress, QR, Adobe. Other Risks: General: Health, Safety, Environment, Disinformation, Economy. Russia v. Ukraine. Innovation and more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

PCI Related:
- PCI DSS 4.0; It's time to get serious on Magecart https://scotthelme.co.uk/pci-dss-4-0-its-time-to-get-serious-on-magecart/
Payment skimmers/malware/fraud:
- Emma Sleep Company admits checkout cyber attack https://www.theregister.com/2022/04/04/emma_the_sleep_company_admits/
Other payment related:
- Visa Faces ‘New Network Fees' Antitrust Suit After Court of Appeal Loss https://www.pymnts.com/antitrust/2022/visa-faces-new-network-fees-antitrust-suit-after-court-of-appeal-loss/

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

New Breaches:
- Food Delivery Leak Unmasks Russian Security Agents https://www.databreaches.net/food-delivery-leak-unmasks-russian-security-agents/
- Hackers breach MailChimp's internal tools to target crypto customers https://www.bleepingcomputer.com/news/security/hackers-breach-mailchimps-internal-tools-to-target-crypto-customers/
- Block is contacting 8.2 million customers after a former employee downloaded company reports https://www.theverge.com/2022/4/5/23012328/block-reports-cash-app-investing-contacting-customers-sec-filing
- Parker-Hannifin discloses breach in regulatory filing https://www.databreaches.net/parker-hannifin-discloses-breach-in-regulatory-filing/
- Ransomware Gang Leaks Files Stolen From Industrial Giant Parker Hannifin https://www.securityweek.com/ransomware-gang-leaks-files-stolen-industrial-giant-parker-hannifin
- Thousands Of Indians Exposed In Data Breach Affecting Money Lending App CashMama https://www.databreaches.net/thousands-of-indians-exposed-in-data-breach-affecting-money-lending-app-cashmama/
- Bank had no firewall license, intrusion or phishing protection – guess the rest https://www.theregister.com/2022/04/05/mahesh_bank_no_firewall_attack/
- Sask. government refusing to pay ransom for SLGA hack https://regina.ctvnews.ca/slga-dealing-with-information-breach-1.5848301
- No warning from government that personal data was hacked: Sask. Liquor and Gaming suppliers https://www.cbc.ca/news/canada/saskatchewan/slga-suppliers-data-hacked-1.6406153
- Ca: SLGA business partners should have figured out on their own that their data may have been stolen: minister https://www.databreaches.net/ca-slga-business-partners-should-have-figured-out-on-their-own-that-their-data-may-have-been-stolen-minister/
- Audit of the Connecticut Health Insurance Exchange Uncovers 44 Unreported Data Breaches https://www.databreaches.net/audit-of-the-connecticut-health-insurance-exchange-uncovers-44-unreported-data-breaches/
- MO: Tague Family Practice patient records stolen and leaked https://www.databreaches.net/mo-tague-family-practice-patient-records-stolen-and-leaked/
- SuperCare Health notifies 318,379 patients of July breach https://www.databreaches.net/supercare-health-notifies-318379-patients-of-july-breach/
- Would Sea Mar Community Health even know about large patient data dumps if not for DataBreaches.net? https://www.databreaches.net/would-sea-mar-community-health-even-know-about-large-patient-data-dumps-if-not-for-databreaches-net/
New Ransomware and "Incidents":
- Nearly Two-Thirds of Ransomware Victims Paid Ransoms Last Year, Finds "2022 Cyberthreat Defense Report" https://www.darkreading.com/attacks-breaches/nearly-two-thirds-of-ransomware-victims-paid-ransoms-last-year-finds-2022-cyberthreat-defense-report-
- Finland hit by cyberattack, airspace breach https://www.databreaches.net/finland-hit-by-cyberattack-airspace-breach/
- UK retail chain The Works shuts down stores after cyberattack https://www.bleepingcomputer.com/news/security/uk-retail-chain-the-works-shuts-down-stores-after-cyberattack/
- Ransomware sent North Carolina A&T University scrambling to restore services https://arstechnica.com/information-technology/2022/04/ransomware-sent-north-carolina-at-university-scrambling-to-restore-services/
Major outages/downs:
- Ongoing Atlassian Jira, Confluence outage affects customers worldwide https://www.bleepingcomputer.com/news/technology/ongoing-atlassian-jira-confluence-outage-affects-customers-worldwide/
Follow-ups and fall-out:
- Ledger users file a class-action lawsuit against Shopify over a data breach https://www.databreaches.net/ledger-users-file-a-class-action-lawsuit-against-shopify-over-a-data-breach/
- Pentester for FIN7 sentenced for scheme that compromised tens of millions of debit and credit cards https://www.databreaches.net/pentester-for-fin7-sentenced-for-scheme-that-compromised-tens-of-millions-of-debit-and-credit-cards/
- Travelio - 471,376 breached accounts https://haveibeenpwned.com/PwnedWebsites#Travelio
- Kalispell hospital sued for patient data breach https://www.databreaches.net/kalispell-hospital-sued-for-patient-data-breach/

Privacy

Articles about privacy related news, risks, and trends.

General:
- Google Fights Dragnet Warrant for Users' Search Histories Overseas While Continuing to Give Data to Police in the U.S. https://www.eff.org/deeplinks/2022/04/google-fights-dragnet-warrant-users-search-histories-overseas-while-continuing
- Europe Is Building a Huge International Facial Recognition System https://www.wired.com/story/europe-police-facial-recognition-prum
- How You're Still Being Tracked on the Internet https://www.nytimes.com/2022/04/06/technology/online-tracking-privacy.html
- NFTs Are a Privacy and Security Nightmare https://www.wired.com/story/nfts-privacy-security-nightmare
- The Price of Privacy https://www.theatlantic.com/magazine/archive/2022/05/privacy-law-technology-california-gajda-seek-and-hide/629373/
- University of Guelph students' privacy not violated by vaccine mandate: privacy commissioner https://globalnews.ca/news/8739751/guelph-university-covid-vaccine-mandate-privacy-commissioner/

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

Canada:
- The Law Bytes Podcast, Episode 124: David Fraser on Negotiating a CLOUD Act Agreement Between Canada and the United States https://www.michaelgeist.ca/2022/04/law-bytes-podcast-episode-124/
- Feds to force tech giants like Facebook, Google to pay for news with new bill https://globalnews.ca/news/8736127/social-media-news-revenue-sharing-facebook-youtube-media/
- Here Comes the Online News Act: Why the Government's Media Shakedown is Bad News For Press Independence and Competition https://www.michaelgeist.ca/2022/04/here-comes-the-online-news-act-why-the-governments-media-shakedown-is-bad-news-for-press-independence-and-competition/
- Taking Aim at Sharing News Online: Bill C-18 and the Government's Misguided Requirement to Mandate Payment for Internet Linking https://www.michaelgeist.ca/2022/04/taking-aim-at-sharing-news-online-bill-c-18-and-the-governments-misguided-requirement-to-mandate-payment-for-internet-linking/
- Just How Extreme is Bill C-18?: It Mandates Payments For Merely Facilitating Access to News https://www.michaelgeist.ca/2022/04/just-how-extreme-is-bill-c-18-it-mandates-payments-merely-for-facilitating-access-to-news/
- Chrystia Freeland's Hidden Tax: How Canada Should Implement the Copyright Term Extension Buried in Budget 2022 https://www.michaelgeist.ca/2022/04/budget2022/
US:
- The Senate Bill That Has Big Tech Scared https://www.wired.com/story/american-innovation-choice-online-act-antitrust-google-amazon
- US State Department opens cybersecurity policy bureau https://www.theregister.com/2022/04/05/us_cybersecurity_cdp/
- Indiana Amends State Data Breach Notification Law https://www.databreaches.net/indiana-amends-state-data-breach-notification-law/
- The Latest Threat to Independent Online Creators Is the Filter Mandate Bill https://www.eff.org/deeplinks/2022/04/latest-threat-independent-online-creators-filter-mandate-bill
- Dun & Bradstreet Must Make ‘Substantial Changes' After Deceit, Erroneous Credit Reports https://www.pymnts.com/news/2022/dun-bradstreet-must-make-substantial-changes-after-deceit-erroneous-credit-reports/
World:
- UK spy agencies sharing bulk personal data with foreign allies was legal, says court https://www.theregister.com/2022/04/06/privacy_international_vs_ipt/
- ANNOUNCE: HHS' Office for Civil Rights Seeks Public Comment on Recognized Security Practices and Sharing Civil Money Penalties and Monetary Settlements Under the HITECH Act https://www.databreaches.net/announce-hhs-office-for-civil-rights-seeks-public-comment-on-recognized-security-practices-and-sharing-civil-money-penalties-and-monetary-settlements-under-the-hitech-act/
- Palestinian Lawyer Sues Pegasus Spyware Maker in France https://www.securityweek.com/palestinian-lawyer-sues-pegasus-spyware-maker-france
- Singapore moots bill to slap banks with higher fines for security breach https://www.databreaches.net/singapore-moots-bill-to-slap-banks-with-higher-fines-for-security-breach/
- Singapore offers certification scheme to tag companies with robust security posture https://www.zdnet.com/article/singapore-offers-certification-scheme-to-tag-companies-with-robust-security-posture/
- Google Can't Punish South Korean App Developers Who Offer Payment Workarounds https://www.pymnts.com/google/2022/google-cant-punish-south-korean-app-developers-who-offer-payment-workarounds/
- China says it will send government officials to inspect Big Tech firms over their use of algorithms https://www.businessinsider.com/china-launches-crackdown-on-big-tech-algorithms-2022-4
Standards News:
- Blockchain and Related Technologies to Support Manufacturing Supply Chain Traceability: Needs and Industry Perspectives (NISTIR 8419) https://nvlpubs.nist.gov/nistpubs/ir/2022/NIST.IR.8419.pdf
- NISTR/NCCoE published SP 800-40 Revision 4, Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology https://csrc.nist.gov/publications/detail/sp/800-40/rev-4/final
- NISTR/NCCoE published SP 1800-31, Improving Enterprise Patching for General IT Systems: Utilizing Existing Tools and Performing Processes in Better Ways https://csrc.nist.gov/publications/detail/sp/1800-31/final

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Educational events, webinars, courses, etc:
- IN-PERSON EVENT | Join NIST & RedHat on 4/20 for ‘Improving the Nation’s Cybersecurity - an Open Forum’ in Washington DC April 20 8:30 AM - 1:00 PM ET https://events.redhat.com/profile/form/index.cfm?PKformID=0x544826abcd
General:
- U.S. Says It Secretly Removed Malware Worldwide, Pre-empting Russian Cyberattacks https://www.nytimes.com/2022/04/06/us/politics/us-russia-malware-cyberattacks.html
- US Disrupts Russian Botnet https://www.schneier.com/blog/archives/2022/04/us-disrupts-russian-botnet.html
- The US is trying to fix medical devices' big cybersecurity problem https://www.theverge.com/2022/4/8/23016588/medical-device-cybersecurity-fda-congress-hacking
- Meta Tries to Break the End-to-End Encryption Deadlock https://www.wired.com/story/meta-end-to-end-encryption-bsr-report
- Google Play Store cracks down on outdated apps https://www.theverge.com/2022/4/7/23014518/google-play-store-cracks-down-on-outdated-apps
- Zoom awarded $1.8 million in bug bounty rewards over 2021 https://www.zdnet.com/article/zoom-awards-1-8-million-in-bug-bounty-rewards-over-2021
Methods, Techniques, Tools, and Products:
- GitHub now scans for secret leaks in developer workflows https://www.zdnet.com/article/github-now-scans-for-secret-leaks-in-push-workflows
- Developers Increasingly Prioritize Secure Coding https://www.darkreading.com/application-security/developers-increasingly-prioritize-secure-coding
- Improving software supply chain security with tamper-proof builds https://security.googleblog.com/2022/04/improving-software-supply-chain.html
- SOC for Supply Chain https://www.sans.org/blog/soc-for-supply-chain
- When MFA fails, defense in depth is key https://www.theregister.com/2022/04/07/mfa_defense_in_depth/
- MITRE Engenuity ATT&CK Tests https://www.trendmicro.com/en_us/research/22/d/mitre-engenuity-attack-tests.html
- 10 top fuzzing tools: Finding the weirdest application errors https://www.csoonline.com/article/3487708/9-top-fuzzing-tools-finding-the-weirdest-application-errors.html
- Google is adding a privacy settings walkthrough to Chrome https://www.theverge.com/2022/4/6/23013256/google-chrome-privacy-security-settings-guide-walkthrough-chrome
- Microsoft 365 Defender demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations https://www.microsoft.com/security/blog/2022/04/05/microsoft-365-defender-demonstrates-industry-leading-protection-in-the-2022-mitre-engenuity-attck-evaluations/
- Microsoft Details New Security Features for Windows 11 https://www.darkreading.com/remote-workforce/microsoft-details-new-security-features-for-windows-11
- Microsoft: Windows Autopatch steals the 'fun' from Patch Tuesdays https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-autopatch-steals-the-fun-from-patch-tuesdays/
- New security features for Windows 11 will help protect hybrid work https://www.microsoft.com/security/blog/2022/04/05/new-security-features-for-windows-11-will-help-protect-hybrid-work/
- Raspberry Pi removes default user to hinder brute-force attacks https://www.bleepingcomputer.com/news/security/raspberry-pi-removes-default-user-to-hinder-brute-force-attacks/
- Method For String Extraction Filtering, (Sat, Apr 9th) https://isc.sans.edu/diary/rss/28532
- Welcoming the Serbian Government to Have I Been Pwned https://www.troyhunt.com/welcoming-the-serbian-government-to-have-i-been-pwned/

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Advisories:
- Europe Warned About Cyber Threat to Industrial Infrastructure https://www.securityweek.com/europe-warned-about-cyber-threat-industrial-infrastructure
- SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965 https://www.microsoft.com/security/blog/2022/04/04/springshell-rce-vulnerability-guidance-for-protecting-against-and-detecting-cve-2022-22965/
Zero-day news:
- Zero days are for life, not just for Christmas. Here's how to deal with them https://www.theregister.com/2022/04/08/zero_days_are_for_life/
Patching:
- VMware Releases Critical Patches for New Vulnerabilities Affecting Multiple Products https://thehackernews.com/2022/04/vmware-releases-critical-patches-for.html
- GitLab issues critical update after hard-coding passwords into accounts https://www.databreaches.net/gitlab-issues-critical-update-after-hard-coding-passwords-into-accounts/
- Zyxel Patches Critical Hijacking Vulnerability https://packetstormsecurity.com/news/view/33293/Zyxel-Patches-Critical-Hijacking-Vulnerability.html
- 44 Vulnerabilities Patched in Android With April 2022 Security Updates https://www.securityweek.com/44-vulnerabilities-patched-android-april-2022-security-updates
- Apple patched critical flaws in macOS Monterey but not in Big Sur nor Catalina https://www.theregister.com/2022/04/06/apple_patched_zerodays_in_macos/
- Apple Leaves Big Sur, Catalina Exposed to Critical Flaws: Intego https://www.securityweek.com/intego-apple-leaves-big-sur-catalina-exposed-critical-flaws
Other Vulnerabilities:
- Linux Systems Are Becoming Bigger Targets https://www.darkreading.com/vulnerabilities-threats/linux-systems-are-becoming-bigger-targets
- Vendors Assessing Impact of Spring4Shell Vulnerability https://www.securityweek.com/vendors-assessing-impact-spring4shell-vulnerability
- VMware warns of critical remote code execution bug in Workspace ONE Access https://www.zdnet.com/article/vmware-warns-of-critical-remote-code-execution-bug-in-workspace-one-access
- Wyze Camera Vulnerability https://www.schneier.com/blog/archives/2022/04/wyze-camera-vulnerability.html
- WatchGuard failed to explicitly disclose critical flaw exploited by Russian hackers https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/
Research on new vulnerabilities:
- An In-Depth Look at ICS Vulnerabilities Part 2 https://www.trendmicro.com/en_us/research/22/d/an-in-depth-look-at-ics-vulnerabilities-part-2.html
- An In-Depth Look at ICS Vulnerabilities Part 3 https://www.trendmicro.com/en_us/research/22/d/an-in-depth-look-at-ics-vulnerabilities-part-3.html
Cryptography and Cryptographic Research:
- Refined Cryptanalysis of the GPRS Ciphers GEA-1 and GEA-2, by Dor Amzaleg and Itai Dinur https://eprint.iacr.org/2022/424
- PQ-HPKE: Post-Quantum Hybrid Public Key Encryption, by Mila Anastasova and Panos Kampanakis and Jake Massimo https://eprint.iacr.org/2022/414
- New Insights into Fully Homomorphic Encryption Libraries via Standardized Benchmarks, by Charles Gouert and Dimitris Mouris and Nektarios Georgios Tsoutsos https://eprint.iacr.org/2022/425

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

Trends, Alerts, and Events (other than major breaches):
- A Hacker Gang's Members Are In Jail. It's Still Stealing Data. https://packetstormsecurity.com/news/view/33290/A-Hacker-Gangs-Members-Are-In-Jail.-Its-Still-Stealing-Data..html
- FIN7 hackers evolve operations with ransomware, novel backdoor https://www.zdnet.com/article/fin7-hackers-evolve-operations-with-ransomware-novel-backdoor
- Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware https://thehackernews.com/2022/04/multiple-hacker-groups-capitalizing-on.html
- Attackers Spoof WhatsApp Voice-Message Alerts to Steal Info https://threatpost.com/attackers-whatsapp-voice-message/179244/
- Cryptocurrency-mining AWS Lambda-specific malware spotted https://www.theregister.com/2022/04/07/aws_lambda_malware/
- Android apps with 45 million installs used data harvesting SDK https://www.bleepingcomputer.com/news/security/android-apps-with-45-million-installs-used-data-harvesting-sdk/
- Fake Android shopping apps steal bank account logins, 2FA codes https://www.zdnet.com/article/fake-android-shopping-apps-steal-bank-account-logins-2fa-codes
- New Android banking malware remotely takes control of your device https://www.bleepingcomputer.com/news/security/new-android-banking-malware-remotely-takes-control-of-your-device/
- Newly found Android malware records audio, tracks your location https://www.bleepingcomputer.com/news/security/newly-found-android-malware-records-audio-tracks-your-location/
- New Meta information stealer distributed in malspam campaign https://www.bleepingcomputer.com/news/security/new-meta-information-stealer-distributed-in-malspam-campaign/
- Malicious web redirect service infects 16,500 sites to push malware https://www.bleepingcomputer.com/news/security/malicious-web-redirect-service-infects-16-500-sites-to-push-malware/
- Text Spam Is on the Rise. Here's How to Spot It and What to Do https://www.nytimes.com/2022/04/06/technology/personaltech/text-scam-spam.html
- Verizon Customers Are Receiving Spam Texts Sent From Their Own Numbers—Here's What To Know https://www.mentalfloss.com/posts/spam-texts-from-own-number
- BlackCat Ransomware Targets Industrial Companies https://www.securityweek.com/blackcat-ransomware-targets-industrial-companies
- Borat RAT Malware: A Unique Triple Threat That Is Far From Funny https://packetstormsecurity.com/news/view/33288/Borat-RAT-Malware-A-Unique-Triple-Threat-That-Is-Far-From-Funny.html
- Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware https://thehackernews.com/2022/04/hackers-exploiting-spring4shell.html
- WebLogic Crypto Miner Malware Disabling Alibaba Cloud Monitoring Tools, (Tue, Apr 5th) https://isc.sans.edu/diary/rss/28520
Crime & Arrests, etc.:
- Germany Shuts Down Russian Hydra Darknet Market; Seizes $25 Million in Bitcoin https://thehackernews.com/2022/04/germany-shuts-down-russian-hydra.html
- Hydra: How German police dismantled Russian darknet site https://www.bbc.co.uk/news/technology-61002904
- U.S. sanctions crypto-exchange Garantex for aiding Hydra Market https://www.bleepingcomputer.com/news/security/us-sanctions-crypto-exchange-garantex-for-aiding-hydra-market/
- FBI Shut Down Russia-linked "Cyclops Blink" Botnet That Infected Thousands of Devices https://thehackernews.com/2022/04/fbi-shut-down-russia-linked-cyclops.html
- The Bitcoin Bust That Took Down the Web's Biggest Child Abuse Site https://www.wired.com/story/tracers-in-the-dark-welcome-to-video-crypto-anonymity-myth
- Hackers Hijacked Crypto Wallets With Stolen MailChimp Data https://packetstormsecurity.com/news/view/33294/Hackers-Hijacked-Crypto-Wallets-With-Stolen-MailChimp-Data.html
- Identify Fraud Skyrockets As Hackers Stick To Pre-Pandemic Techniques https://packetstormsecurity.com/news/view/33296/Identify-Fraud-Skyrockets-As-Hackers-Stick-To-Pre-Pandemic-Techniques.html
- UK Charges Alleged Lapsus$ Gang Members With Hacking https://www.securityweek.com/uk-charges-alleged-lapsus-gang-members-hacking
- US judge sentences men for $1.5 million Apple Gift Card scam https://www.zdnet.com/article/us-judge-sentences-men-for-1-5-million-apple-gift-card-scams
- British embassy guard charged with spying for Russia https://www.bbc.co.uk/news/uk-61015772
Nation State Actors:
- How do China's cyber-spies snoop on governments, NGOs? Probably like this https://www.theregister.com/2022/04/07/china-espionage-campaign/
- Researchers Trace Widespread Espionage Attacks Back to Chinese 'Cicada' Hackers https://thehackernews.com/2022/04/researchers-trace-widespread-espionage.html
- Symantec: Chinese APT Group Targeting Global MSPs https://www.securityweek.com/symantec-chinese-apt-group-targeting-global-msps
- APT10: These sneaky hackers hid inside their victims' networks for nine months https://www.databreaches.net/apt10-these-sneaky-hackers-hid-inside-their-victims-networks-for-nine-months/
- Bearded Barbie hackers catfish high ranking Israeli officials https://www.bleepingcomputer.com/news/security/bearded-barbie-hackers-catfish-high-ranking-israeli-officials/
- India Claims It Foiled Chinese Cyberattack on Disputed Border https://www.securityweek.com/india-claims-it-foiled-chinese-cyberattack-disputed-border
- Other:
- Emptying the Phishtank: Are WordPress sites the Mosquitoes of the Internet?, (Mon, Apr 4th) https://isc.sans.edu/diary/rss/28516
- Scan This: There's Danger in QR Codes https://www.darkreading.com/omdia/scan-this-there-s-danger-in-qr-codes
- Adobe Creative Cloud Experience makes it easier to run malware https://www.theregister.com/2022/04/07/adobe_cloud_malware/
- The Original APT: Advanced Persistent Teenagers https://krebsonsecurity.com/2022/04/the-original-apt-advanced-persistent-teenagers/
- Companies were slow to remove Russian spies' malware, so FBI did it for them https://arstechnica.com/information-technology/2022/04/fbi-accesses-us-servers-to-dismantle-botnet-malware-installed-by-russian-spies/
- Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums https://thehackernews.com/2022/04/experts-shed-light-on-blackguard.html
- Researchers Uncover How Colibri Malware Stays Persistent on Hacked Systems https://thehackernews.com/2022/04/researchers-uncover-how-colibri-malware.html

Other Security / Risk

Articles covering other types of risks.

General:
- The Blurring Line, and Growing Risk, Between Physical and Digital Supply Chains https://www.darkreading.com/risk/the-blurring-line-and-growing-risk-between-physical-and-digital-supply-chains
- Will cloud computing be Canada's next big military procurement? Here's what to know https://globalnews.ca/news/8706412/canada-national-security-classified-cloud-services/
- ‘Robot scientist' Eve finds that less than one third of scientific results are reproducible https://scienmag.com/robot-scientist-eve-finds-that-less-than-one-third-of-scientific-results-are-reproducible/
- A Gentler, Better Way to Change Minds https://www.theatlantic.com/family/archive/2022/04/arguing-with-someone-different-values/629495/
- Ontario government won't comment on progress of digital ID program https://toronto.ctvnews.ca/ontario-government-won-t-comment-on-progress-of-digital-id-program-1.5852732
- Canadians are becoming more divided over COVID-19, politics: survey https://globalnews.ca/news/8733411/covid-politics-dividing-canadians-survey/
Health:
- A Shocking 99% of Us Are Now Breathing Unhealthy Air, WHO Warns https://www.sciencealert.com/a-shocking-99-of-us-are-now-breathing-unhealthy-air-who-warns
- Bird flu outbreak: Can humans contract the virus? Expert weighs in https://globalnews.ca/news/8736753/bird-flu-explainer-ontario/
- Over 5,000 Previously Unknown Viruses Have Been Discovered Lurking in The Oceans https://www.sciencealert.com/more-than-5-000-brand-new-viruses-have-been-discovered-lurking-in-the-oceans
- Thousands of Ontario students behind on vaccines usually administered in schools https://toronto.ctvnews.ca/thousands-of-ontario-students-behind-on-vaccines-usually-administered-in-schools-1.5849427
- COVID-19 rapid tests an imperfect and necessary tool in potential sixth wave, experts say https://globalnews.ca/news/8742204/covid-19-rapid-tests-sixth-wave/
- Some Threats Just Keep Coming in Waves https://www.theatlantic.com/ideas/archive/2022/04/covid-omicron-ba2-surge-precautions/629500/
- End of mask mandate in Ontario has fueled growing COVID-19 wave, provincial report suggests https://globalnews.ca/news/8749785/ontario-covid-cases-increase-lifting-masks/
- Is It Time to Start Masking Again? https://www.theatlantic.com/health/archive/2022/04/omicron-ba2-surge-indoor-masking/629512/
- Quebec extends mask mandate to end of April as province faces rising COVID-19 numbers https://globalnews.ca/news/8736157/quebec-covid19-masks-extension-april-5-2022/
- Up to 120,000 daily COVID-19 cases in Ontario, science table director says https://globalnews.ca/news/8741308/ontario-sixth-wave-case-increase-100k/
- Ontarians 60+ can book fourth COVID-19 vaccine doses Thursday https://toronto.ctvnews.ca/ontarians-60-can-book-fourth-covid-19-vaccine-doses-thursday-1.5851955
- 6 cases of COVID-19 XE have been reported in Canada https://globalnews.ca/news/8742798/xe-variant-covid-19-health-canada/
- What We Know about Omicron's BA.2 Variant So Far https://www.scientificamerican.com/article/what-we-know-about-omicrons-ba-2-variant-so-far1/
- Vaccinated Canadians can have COVID-19 symptoms despite testing negative. Here's why https://globalnews.ca/news/8742842/vaccinated-canada-covid-19-omicron-rapid-test/
- Around 2,000 Toronto-area health-care workers off job due to COVID-19 https://toronto.ctvnews.ca/around-2-000-toronto-area-health-care-workers-off-job-due-to-covid-19-1.5854942
- Even Mild Cases of COVID Can Lead to a 40 Percent Greater Risk of Diabetes https://www.mentalfloss.com/posts/COVID-patients-higher-diabetes-risk
- Can A.I.-Driven Voice Analysis Help Identify Mental Disorders? https://www.nytimes.com/2022/04/05/technology/ai-voice-analysis-mental-health.html
Safety:
- Kinder chocolates recalled due to possible salmonella contamination https://globalnews.ca/news/8742291/kinder-chocolates-recall-salmonella-contamination/
- Manitoba issues flood watch for the Red River valley https://globalnews.ca/news/8735058/manitoba-flood-watch-red-river-valley-april-4-2022/
- 2-year-old accidentally shoots, kills 4-year-old sister at Pennsylvania gas station https://globalnews.ca/news/8739302/toddler-accidentally-shoots-kills-4-year-old-sister/
- A ‘Breaking Bad' character made poison. A biomed engineer was inspired. https://www.washingtonpost.com/nation/2022/04/05/breaking-bad-ricin/
- Biting 'unruly passengers' hit with largest-ever US fines https://www.bbc.co.uk/news/world-us-canada-61047164
- The FAA is proposing record fines of $81,950 and $77,272 to passengers who it says tried to open cabin doors and bite fellow passengers https://www.businessinsider.com/faa-proposes-record-fines-for-two-unruly-airplane-passengers-2022-4
- Space Force is Releasing Decades of Tracking Data on a Thousand Bright Meteor Fireballs https://www.universetoday.com/155380/space-force-is-releasing-decades-of-tracking-data-on-a-thousand-bright-meteor-fireballs/
- India's Inadvertent Missile Launch Underscores the Risk of Accidental Nuclear Warfare https://www.scientificamerican.com/article/indias-inadvertent-missile-launch-underscores-the-risk-of-accidental-nuclear-warfare/
- Author of ‘How to Murder Your Husband' now on trial for husband's murder https://globalnews.ca/news/8737819/how-to-murder-your-husband-nancy-crampton-brophy-trial/
Environment:
- Record amount of methane added to atmosphere last year https://www.cbc.ca/news/science/methane-record-1.6413037
- The 1.5-Degree Goal Is All But Dead https://www.theatlantic.com/science/archive/2022/04/un-ipcc-1-5-degree-report-global-warming/629486/
- The US And EU Have Unsustainably Plundered Natural Resources For Decades, Study Shows https://www.sciencealert.com/the-us-and-eu-have-unsustainably-plundered-natural-resources-for-decades-study-shows
- A wind farm company admitted killing 150 eagles in the US and was fined $8 million. Almost all died from being hit by the blades. https://www.businessinsider.com/wind-farm-company-admits-150-eagle-deaths-fined-8-million-2022-4
- N.L. government lifts 15-year ban on onshore wind farms https://www.cbc.ca/news/canada/newfoundland-labrador/nl-wind-moratorium-lifts-1.6409296
- Carbon Removal 'Unavoidable' as Climate Dangers Grow, New IPCC Report Says https://www.scientificamerican.com/article/carbon-removal-unavoidable-as-climate-dangers-grow-new-ipcc-report-says/
- Stanford engineers point the way to more affordable, sustainable urban neighborhoods https://scienmag.com/stanford-engineers-point-the-way-to-more-affordable-sustainable-urban-neighborhoods/
- Billions of Genetically Modified Mosquitoes Are Set to Descend on California and Florida This Summer https://www.mentalfloss.com/posts/genetically-modified-mosquitoes-california
Disinformation and misinformation
- Disinformation Is the Story of Our Age https://www.theatlantic.com/newsletters/archive/2022/04/jeffrey-goldberg-disinformation-democracy-threat/629487/
- We're All Being Manipulated the Same Way https://www.theatlantic.com/ideas/archive/2022/04/maria-ressa-disinformation-manipulation/629483/
- Economy:
- Canada's treasury ‘depleted' as budget weans COVID spending, eyes uncertainty https://globalnews.ca/news/8743660/canada-budget-2022-covid-recovery/
- I Tried to Put Russia on Another Path https://www.theatlantic.com/ideas/archive/2022/04/bill-clinton-nato-expansion-ukraine/629499/

Russia v. Ukraine

News and announcements relating to Russia's invasion of Ukraine.

The war:
- Kramatorsk station attack: What we know so far https://www.bbc.co.uk/news/world-europe-61036740
- New York Times' analysis of satellite images pokes holes in Russia's denials about civilian bodies found in Bucha https://www.businessinsider.com/nyt-satellite-images-refute-russias-denials-about-civilian-bodies-bucha-2022-4
- Russia carried out extrajudicial civilian killings in Ukraine, Amnesty International says https://globalnews.ca/news/8742430/russia-ukraine-war-extrajudicial-civilian-killings-amnesty-international/
- Germany intercepted conversations of Russian soldiers discussing Bucha killings, contradicting Kremlin claims of a hoax, report says https://www.businessinsider.com/germany-intercepts-russia-troops-discussing-bucha-killings-report-2022-4
- How Explosions Actually Kill https://www.wired.com/story/russia-ukraine-blast-trauma
- NATO is using its 'eyes in the sky' to keep Europe out of Russia's war on Ukraine https://www.businessinsider.com/nato-awacs-keep-europe-out-of-russia-ukraine-war-2022-4
- Will Russia Use Chemical Weapons in Ukraine? Researchers Evaluate the Risks https://www.scientificamerican.com/article/will-russia-use-chemical-weapons-in-ukraine-researchers-evaluate-the-risks/
Reaction and response:
- UN votes Russia out of human rights council citing Bucha killings https://globalnews.ca/news/8742672/un-votes-russia-out-of-human-rights-council-citing-bucha-killings/
- Vladimir Putin should face war crimes trial for Bucha massacre, Biden says https://globalnews.ca/news/8733566/vladimir-putin-war-crime-trial-bucha-joe-biden/
- Intel suspends all operations in Russia “effective immediately” https://arstechnica.com/tech-policy/2022/04/intel-suspends-business-operations-in-russia-over-ukraine-war/
- Microsoft Obtains Court Order to Take Down Domains Used to Target Ukraine https://thehackernews.com/2022/04/microsoft-obtains-court-order-to-take.html
- Microsoft seized Russian domains targeting Ukrainian media organizations https://www.theverge.com/2022/4/9/23018258/microsoft-control-russian-domains-ukraine-war-cyberattack-fancy-bear-apt28-strontium
- Microsoft takes down APT28 domains used in attacks against Ukraine https://www.bleepingcomputer.com/news/microsoft/microsoft-takes-down-apt28-domains-used-in-attacks-against-ukraine/
- Oil giant Shell is writing off up to $5 billion in assets after it pulled its Russian operations https://www.businessinsider.com/shell-oil-natural-gas-putin-russia-energy-ukraine-assets-operations-2022-4
- Pink Floyd releases first new song in nearly three decades for Ukraine https://www.washingtonpost.com/nation/2022/04/08/pink-floyd-ukraine-single/
- Holland America will use one of its cruise ships to house 1,500 Ukrainian refugees — see inside the vessel https://www.businessinsider.com/photos-holland-americas-cruise-ship-to-house-1500-ukrainian-refugees-2022-4
- Bilingual English-Ukrainian schools in Manitoba prepare for refugee students https://globalnews.ca/news/8745902/bilingual-english-ukrainian-schools-manitoba-refugee-students/
- Ontario announces supports for Ukrainian refugees who come to the province https://globalnews.ca/news/8739457/ontario-ukrainian-refugee-supports/
- Ukrainians begin to settle in Canada as Russia's war continues: ‘More comfortable here' https://globalnews.ca/news/8732342/ukrainian-refugees-canada-russia-invasion/
- U.S. should expand presence in east Europe as Ukraine war could last years, general says https://globalnews.ca/news/8739278/u-s-more-troops-east-europe-ukraine-russia-war/
- A Neutral Ukraine Is a Dangerous Idea Fraught with Risks https://www.theatlantic.com/ideas/archive/2022/04/ukraine-neutrality-peace-agreement-finland/629473/
Sanctions & economic Impact:
- Over 60% of Putin's war chest frozen - UK https://www.bbc.co.uk/news/uk-60997622
- Sanctions over Ukraine are starting to ‘shrink' Russia's economy. Here's how https://globalnews.ca/news/8747616/western-sanctions-russia-economy-ukraine/
- The US blocks Russia from making a $600 million bond payment as it ramps up the pressure on Moscow https://markets.businessinsider.com/news/bonds/russia-bond-debt-payment-blocked-us-treasury-default-risk-sanctions-2022-4
- A 'nightmare' Russian debt default is now very likely after the US blocked payments, BlueBay strategist says https://markets.businessinsider.com/news/bonds/russian-debt-default-likely-us-treasury-blocks-bond-payment-sanctions-2022-4
- Russia's move to pay for bonds in rubles may cause default https://globalnews.ca/news/8740126/russia-pay-bonds-rubles-debt-default/
- EU targets Russian coal and ships in new sanctions https://www.bbc.co.uk/news/world-europe-60993645
- Here's what happens if Europe sanctions Russian oil https://globalnews.ca/news/8739201/europe-sanctions-russian-oil/
- Ukraine calls on EU to impose full energy embargo on Russia https://globalnews.ca/news/8742342/ukraine-eu-full-energy-embargo-russia/
- US Senate, House Strip Russia of ‘Most-Favored-Nation' Trade Status, Ban Russian Oil Imports https://www.pymnts.com/news/regulation/2022/us-senate-house-strip-russia-of-most-favored-nation-trade-status-ban-russian-oil-imports/
- The war in Ukraine is sending fertilizer prices through the roof. That could spark food shortages in countries already struggling with widespread hunger. https://www.businessinsider.com/fertilizer-prices-threaten-widespread-hunger-higher-inflation-ukraine-russia-war-2022-4
- U.S. restricts Russian access to fertilizer, valves as it broadens export curbs https://globalnews.ca/news/8747068/united-states-russia-fertilizer-valves-export/
- US charges Russian oligarch who called the war on Ukraine a 'holy war' against 'pagans' with violating sanctions — the first indictment of its kind since the invasion began https://www.businessinsider.com/us-charges-russian-oligarch-konstantin-malofeyev-violating-sanctions-ukraine-2022-4
- China is buying Russian energy with its own currency, marking the first commodities paid for in yuan since Western sanctions hit Moscow https://markets.businessinsider.com/news/commodities/dollar-vs-yuan-china-buys-russian-oil-coal-ukraine-sanctions-2022-4
- China could face sanctions if it supports Russia's war in Ukraine, U.S. says https://globalnews.ca/news/8740276/china-russia-potential-sanctions-ukraine-war-us/
- Information, Disinformation, and Propaganda:
- Cyberwar: Are attacks by Russian hackers still covered by cyber insurance? Germany's perspective (for now) https://www.databreaches.net/cyberwar-are-attacks-by-russian-hackers-still-covered-by-cyber-insurance-germanys-perspective-for-now/
- Mystery of alleged Chinese hack on eve of Ukraine invasion https://www.bbc.co.uk/news/technology-60983346
- RiskIQ Threat Intelligence Roundup: Trickbot, Magecart, and More Fake Sites Targeting Ukraine https://www.riskiq.com/blog/external-threat-management/trickbot-magecart-fake-sites/
- Ukraine spots Russian-linked 'Armageddon' phishing attacks https://www.bleepingcomputer.com/news/security/ukraine-spots-russian-linked-armageddon-phishing-attacks/
- Hackers use Conti's leaked ransomware to attack Russian companies https://www.bleepingcomputer.com/news/security/hackers-use-contis-leaked-ransomware-to-attack-russian-companies/
- Russians bypass website blocks to access Western news sources https://www.bleepingcomputer.com/news/technology/russians-bypass-website-blocks-to-access-western-news-sources/
Cyber-attacks and the potential for cyber-war:
- Ukraine Warns of Cyber attack Aiming to Hack Users' Telegram Messenger Accounts https://thehackernews.com/2022/04/ukraine-warns-of-cyber-attack-aiming-to.html

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

Innovations & Inventions:
- Lost Women of Science Podcast, Season 2, Episode 2: Women Needed https://www.scientificamerican.com/article/lost-women-of-science-podcast-season-2-episode-two-women-needed/
- Engineered crystals could help computers run on less power https://scienmag.com/engineered-crystals-could-help-computers-run-on-less-power/
- What's softer than cashmere and warmer than down? Kuujjuaq students spin muskox qiviut into yarn https://www.cbc.ca/news/canada/north/muskox-wool-qiviut-yarn-workshop-1.6409211
- The Secret of The Pyramids' Perfect Alignment Might Be Explained After All https://www.sciencealert.com/the-secret-of-the-pyramids-perfect-alignment-might-be-explained-after-all
Other:
- Mental Floss Presents: Titanic Timeline https://www.mentalfloss.com/posts/titanic-timeline-voyage-sinking-movie
- 12 Artifacts Brought Up From the 'Titanic' https://www.mentalfloss.com/posts/titanic-shipwreck-recovered-artifacts
- Old shipwreck in Niagara River pushed closer to brink of falls after storm https://toronto.ctvnews.ca/old-shipwreck-in-niagara-river-pushed-closer-to-brink-of-falls-after-storm-1.5852932
- Summerlicious to return to Toronto in August https://toronto.ctvnews.ca/summerlicious-to-return-to-toronto-in-august-1.5856160
- According to Perseverance, Mars is Quiet… too Quiet https://www.universetoday.com/155294/according-to-perseverance-mars-is-quiet-too-quiet/
- Digging Through Kepler Data Turns Up a Near Twin of Jupiter https://www.universetoday.com/155318/digging-through-kepler-data-turns-up-a-near-twin-of-jupiter/
- If Aliens Were Sending us Signals, This is What They Might Look Like https://www.universetoday.com/155173/if-aliens-were-sending-us-signals-this-is-what-they-might-look-like/

This Week’s [in]Security – Issue 95

CG Blogger : Jan 21, 2019 10:07:00 PM

Welcome to This Week’s [in]Security. This week: PCI's new Software Security Standard and PCI's new Software Security Framework, huge collection of...

[in]security Magecart GDPR

This Week's [in]Security - Issue 228

CG Blogger : Aug 15, 2021 10:07:00 PM

Welcome to This Week’s [in]Security. PCI SSF vs PA-DSS, Scoping Cloud, Cooperation, PCI Back to Basics Series, MageCart, Free Card Dump, No stripes....

[in]security Magecart COVID-19

This Week’s [in]Security – Issue 135

CG Blogger : Nov 5, 2019 10:07:00 PM

Welcome to This Week’s [in]Security. This week: PCI DSS 4 Comment Period. New PCI Contactless on COTS standard. EMVco and 3D Secure. A PCI Horror...

[in]security Magecart TLS EMV

This Week's [in]Security - Issue 262

This Week’s [in]Security – Issue 95

This Week's [in]Security - Issue 228

This Week’s [in]Security – Issue 135

Services

About Us

Knowledge Base

Contact