Hive extortion group targeting Microsoft Exchange servers
The Hive extortion group is actively targeting unpatched Microsoft Exchange Servers and using them to deploy ransomware.












On February 23, 2022, a new data wiper and ransomware were deployed on a large number of devices in Ukraine, as ESET Research reported on Twitter. Just before this, a couple of Ukrainian government sites and services were subjected to DDoS attacks. Cybersecurity specialists discovered that the malware was deployed via Microsoft Active Directory GPO. In addition to the disk wiper and ransomware, a worm component was deploy
The Nordex Group, known as one of the world's largest manufacturers of wind turbines, has confirmed a cyberattack. The attack was discovered at the end of last month, and Nordex disabled remote access from some networks to its turbines as a precaution.
Qantas-owned airline Jetstar appears to have fallen victim to ransomware, the result of an attack by the Quantum extortion group.
This April, Microsoft's Patch Tuesday came with 128 vulnerability patches — the largest number of fixes seen in the monthly event since September of 2020.
New infostealer malware called Meta is gaining in popularity. It attempts to steal browser passwords, credit card info, and any other stored credentials.
Perusahaan Gas Negara (PGN) has been hit by a Hive ransomware attack, just days after the group also successfully targeted American healthcare provider Partnership HealthPlan of California (PHC). As a healthcare organization, PHC is a more typical target for the Hive group.
A new phishing campaign, which uses fake WhatsApp voice messages to trick victims into installing infostealing malware, has already targeted over 27,000 users.
A new remote access Trojan (RAT) by the name of Borat has been appearing on darknet markets. Borat is designed to be easy to use and gives attackers the ability to deploy ransomware, perform DDoS attacks, bypass user account control (UAC), access files and network devices, and even take complete control of a victim's mouse and keyboard.
After taking a week off, the Lapsus$ extortion group came back in force with the release of 70 GB of data from IT and software development firm Globant — making the Luxembourg-based company the latest in a string of victims that include the likes of DHL, Facebook, BNP Paribas Cardif, and Citibanamex.
Google has issued an update for its Chrome browser that patches the second "high severity" zero-day vulnerability this year. All 3.2 billion Chrome users are urged to update to Chrome 99.0.4844.84 for Windows, Mac, or Linux immediately.
The FBI's Internet Crime Report for 2021 contains statistics from 847,376 complaints, corresponding to more than $6.9 billion in losses. That represents a 7% increase from 2020.