Welcome to CyberIntelMag’s weekly roundup! A place where you can find the most important stories in the cybersecurity world from the past week.
The good news: This week’s good news includes FBI alerting about LockBit ransomware, Google Cloud Hypervisor being modified to detect cryptominers easily, FBI warning about SIM swapping attacks, the U.S. arresting a couple in connection to $4.5 billion cryptocurrency theft, Apple patching a new 0-day flaw, and many more.
- The Federal Bureau of Investigation (FBI) released technical data and indicators of a hack connected to LockBit ransomware attacks. It also advised businesses on how to fight network-breaching attempts by this adversary.
- Google has developed a public beta version of its new Virtual Machine Threat Detection (VMTD) system. It can detect crypto miners and other malware even without software agents.
- Siemens and Schneider Electric announced a total of 15 recommendations on Tuesday to fix around 50 vulnerabilities found in their devices.
- Russia arrested six members of a cyber ring that stole and sold stolen credit cards. The arrests were conducted at the demand of Russian Federation Ministry of Internal Affairs investigators.
- The purported malware creator released the master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations on the BleepingComputer forums.
- The United States arrested a married couple in connection with a plan to transfer $4.5 billion in cryptocurrency obtained from the hack of Bitfinex in 2016.
- Apple has fixed a new 0-day flaw exploited in the wild to hack iPhones, Macs, and iPads. It was a WebKit Use After Free defect that might cause OS crashes and code execution on affected devices.
The bad news: This week’s bad news includes the New Argo CD bug allowing hackers to infiltrate Kubernetes apps, emergency response and security entities in Ukraine being targeted, cyberattack deterring 4G and 5G services of Vodafone Portugal, FritzFrog botnet returning to attack different sectors, and others.
- A zero-day flaw in the Argo continuous deployment (CD) tool for Kubernetes has been uncovered. It might allow attackers to get sensitive data such as API credentials and passwords.
- Microsoft reveals that Actinium has allegedly targeted entities organizing international and humanitarian aid to Ukraine. This group, like many others, is most probably connected to the Russian Federal Security Service (FSB).
- A Chinese telecommunications company, Hytera, has been charged with allegedly hiring Motorola workers to steal trade secrets.
- In December 2021, Puma suffered a data breach due to a ransomware attack on Kronos, one of its North American labor-management service providers. Attackers stole the personal information of Puma employees and their dependents.
- The FBI (Federal Bureau of Investigation) revealed that hackers had boosted SIM swap attacks to steal millions by hijacking victims’ phone numbers. It also released tips to safeguard individuals against such attacks.
- The wireless broadband solutions from the Mimosa network contain many serious flaws. These weaknesses may expose affected devices to remote attacks.
- In a security breach, data of nearly 6,000 Memorial Hermann (Houston, Texas) patients was accessed. Hackers might abuse their personal and financial information.
- Vodafone Portugal got hacked. Its nationwide 4G/5G internet networks, SMS text, and television services were disrupted because of this deliberate and malicious attack.
- Attackers might get access to video feeds or execute malicious code on vulnerable devices by exploiting zero-day security vulnerabilities in two models of Nooie’s Baby Cam newborn monitoring devices.
- It was found that Ohlone Community College District (OCCD) network in Fremont, California, was attacked with ransomware on January 20, 2022. School officials said that the private information of certain employees, instructors, and current and past students was allegedly hacked.
- The FritzFrog botnet has resurfaced with a new peer-to-peer (P2P) campaign that has seen a 10-fold surge in a month. Most targets are healthcare, education, and government sectors from different regions of China, Europe, Russia, and Asia.
- FlexBooker, a digital scheduling platform, has been accused of revealing the personal information of millions of customers. This Ohio-based IT firm used an AWS S3 bucket to store data.