IT Security Weekend Catch Up – March 12, 2022

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. Russia creates its own TLS certificate authority to bypass sanctions
  2. Piracy OK: Russia to ease software licensing rules after sanctions
  3. DuckDuckGo to down-rank sites associated with Russian disinformation
  4. Hackers leak 190 GB of alleged Samsung data, source code
  5. Rompetrol gas station network hit by Hive ransomware
  6. Sodinokibi/REvil ransomware defendant extradited to United States and arraigned in Texas
  7. How TrueCaller built a billion-dollar caller ID data empire in India
  8. Offensive OSINT: Drugs, firearms, exotic pets, fake documents and other scams

For the more technical

  1. The Dirty Pipe vulnerability
  2. Microsoft March 2022 Patch Tuesday
  3. AutoWarp: Critical cross-account vulnerability in Microsoft Azure Automation service
  4. Windows Defender is enough, if you harden it
  5. TLStorm: Critical vulnerabilities in a TLS library lead to complete pwnage of a popular Cloud-connected UPS (PDF)
  6. Repeatable firmware security failures: 16 high impact vulnerabilities discovered in HP devices
  7. On the effectiveness of hardware mitigations against cross-privilege Spectre-v2 attacks
  8. The state of WordPress security in 2021
  9. Imperva mitigates ransom DDoS attack measuring 2.5 million requests per second
  10. CVE-2022-26143: TP240PhoneHome reflection/amplification DDoS attack vector
  11. Bitdefender Labs sees increased malicious and scam activity exploiting the war in Ukraine
  12. SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store
  13. Emotet redux
  14. New Nokoyawa ransomware possibly related to Hive
  15. New RURansom wiper rargets Russia
  16. Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools
  17. Google’s TAG: An update on the threat landscape
  18. The Russia-Ukraine cyber war in the deep and dark web
  19. GhostWriter / UNC1151 adopts MicroBackdoor variants in cyber operations against Ukraine
  20. Does this look infected? A summary of APT41 targeting U.S. state governments

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *