- FBI releases IOCs (Indicators of Compromise) associated with BlackCat/ALPHV ransomware. (to the original material)
- Conti ransomware claims responsibility for the attack on Costa Rica. (to the original material)
- Cyber Insurance and the changing global risk environment. (to the original material)
- A stored XSS flaw in RainLoop allows stealing users’ emails. (to the original material)
- QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS. (to the original material)
- Pwn2Own Miami hacking contest awarded $400,000 for 26 unique ICS exploits. (to the original material)
- Lemon_Duck cryptomining botnet targets Docker servers. (to the original material)
- Critical bug in decoder used by popular chipsets exposes 2/3 of Android devices to hack. (to the original material)
- Financial Sector faces ransomware attacks, now more than ever. (to the original material)
- Emotet Revamp: New payloads and 64-Bit modules. (to the original material)
- Issue in digital COVID-19 test could have allowed individuals to falsify results. (to the original material)
- New infosec products of the week: April 22, 2022. (to the original material)
- How to improve the efficiency of enterprise backup. (to the original material)
- The Great Resignation meets the Great Exfiltration: How to securely offboard security personnel. (to the original material)
- PCI DSS 4.0: Meeting the evolving security needs of the payments industry. (to the original material)
- Backup is key for cyber recovery. (to the original material)
- New threat groups and malware families emerging. (to the original material)
- 'Hack DHS' bug hunters find 122 security flaws in DHS systems. (to the original material)
- Russian hackers are seeking alternative money-laundering options. (to the original material)
- US govt grants academics $12M to develop cyberattack defense tools. (to the original material)
- T-Mobile confirms Lapsus$ hackers breached internal systems. (to the original material)
- Chinese hackers behind most zero-day exploits during 2021. (to the original material)
- Atlassian fixes critical Jira authentication bypass vulnerability. (to the original material)
- Ubuntu 22.04 LTS released with performance and security improvements. (to the original material)
- Windows 10 KB5012636 cumulative update fixes freezing issues. (to the original material)
- Threat Roundup for April 15 to April 22. (to the original material)
- Cybersecurity threats to critical infrastructure – Week in security with Tony Anscombe. (to the original material)
- Transparency at Kaspersky. (to the original material)
- Cybersecurity’s too important to have a dysfunctional, poorly performing team. (to the original material)
- Agriculture under threat as ransomware attacks go against the grain. (to the original material)
- LemonDuck bot targets Docker cloud instances to mine cryptocurrency on Linux systems. (to the original material)
- Zero-day vulnerabilities more than doubled in 2021, say Mandiant and Google. (to the original material)
- Four steps for securing a multi-cloud environment. (to the original material)
- Visa takes a more aggressive stand on cybersecurity. (to the original material)
- Healthcare sector risk from Lapsus$ group prompts HHS brief on insider threats. (to the original material)
- Error in ALPHV/BlackCat ransomware code may offer some Linux users a shield. (to the original material)
- Hackers ‘DeFi’ threat risk expectations with new attack vectors in crypto. (to the original material)
- Bluetooth vulnerability in smart COVID test patched, the second to do so. (to the original material)
- Cisco Umbrella users urged to close bug. (to the original material)
- When AWS fixed Log4Shell, it created new vulnerabilities. (to the original material)
- Sophos buys alert-monitoring automation vendor. (to the original material)
- FBI warns ransomware attacks on agriculture co-ops could upend food supply chain. (to the original material)
- Early discovery of Pipedream malware a success story for industrial security. (to the original material)
- Zero-Day exploit use exploded in 2021. (to the original material)
- Victory! Maryland Legislature says police must now be trained to recognize stalkerware. (to the original material)
- Wawa Sues Mastercard over data breach penalties. (to the original material)
- YES (Youth Employment Services) launches free cybersecurity training program. (to the original material)
- YES launches program to train Ukrainians & youth in cyber security. (to the original material)
- SuperCare Health faces lawsuits over data breach. (to the original material)
- Infosecurity Europe announces live training courses for this year’s event. (to the original material)
- FBI warns US farmers of ransomware surge. (to the original material)
- State actors drive record number of zero-day exploits in 2021. (to the original material)
- Crypto-Mining botnet goes after misconfigured Docker APIs. (to the original material)
- Rio de Janeiro finance department hit with LockBit ransomware. (to the original material)
- Binance freezes stolen Axie Infinity crypto after North Korean hackers move funds. (to the original material)
- Conti ransomware attack was aimed at destabilizing government transition, Costa Rican president says. (to the original material)
- T-Mobile confirms Lapsus$ breach, says no customer or government info accessed. (to the original material)
- LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave. (to the original material)
