Trend Micro: This Week in Security News March 4, 2022


Continue reading:

Global Cyber ​​Attacks: How to Manage Risk in Times of Chaos

As global tension mounts, cyber risk management and security fundamentals are key to cyber resilience. Evidence of widespread defacement of government websites and targeted attacks on government agencies and financial institutions is another level of risk to manage, and it’s never been more important to be on top of your security game. . Trend Micro shares 5 best practices for managing cyber risk.

Ukraine-Russia Cyber ​​Warzone Divides Cyber ​​Underground

The Russian-Ukrainian Cyber ​​Warzone has split the Conti ransomware gang into warring factions, leading to a Ukrainian member posting 60,000 of the group’s internal chat messages online. The conversations go back 13 months, from January 29, 2021 to yesterday, February 27, 2022. The first dump contains 339 JSON files, with each file representing a full day’s log. Many posts are written in a Cyrillic script language that appears, at least according to Google Translate, to be Russian.

SMS PVA Part 2: Underground Service for Cyber ​​Criminals

In Part 2 of Trend Micro’s SMS PVA series, Trend Micro explains how and Android SMS interception work hand in hand. We will also illustrate an example of how users can use to get an SMS verification code without using their own mobile number.

Toyota suspends operations at its national plant after an alleged cyberattack

Toyota said it suspended factory operations in Japan, losing around 13,000 production cars, after a supplier of plastic parts and electronic components was hit by a suspected cyberattack. No information was immediately available on who was behind the possible attack or on the motive. The attack comes just after Japan joined Western allies in suppressing Russia after it invaded Ukraine, although it’s unclear if the attack was related.

Cyberattacks are prominent in the Russian-Ukrainian conflict

Along with the physical conflict between Russia and Ukraine, there has been a growing number of alleged cyberattacks perpetrated by different groups. Trend Micro research teams have verified and validated internal data and external reports to provide accurate insights that can be used to strengthen defenses against these attacks and will continually update this blog with validated threats as they arise. other events unfold.

Microsoft claims to have informed the Ukrainian government of the cyberattacks

Microsoft said it informed Ukraine about the cyberattacks against civilian and military targets, although the software maker did not attribute the attacks to any specific actor. American tech companies are reacting in multiple ways to the Russian invasion of Ukraine. Facebook owner Meta and Google parent Alphabet have announced efforts to root out misinformation on their platforms.

Company code leaks more passwords and secrets

Organizations leaked more than 6 million passwords, API keys, and other sensitive data — collectively referred to as developer “secrets” — in 2021, doubling the number from the previous year, according to a new GitGuardian report released today. today. The report takes into account that more code is being pushed to the repositories and better detection capabilities are available.

Nvidia confirms company data was stolen in hack

Nvidia confirmed that hackers stole data from the company during last week’s breach. Nvidia did not specify what was stolen. But the group behind the breach, LAPSUS$, claims to have looted 1TB of data, including files on Nvidia hardware and software. Hackers are now demanding that the company pay in cryptocurrency to keep the data secret. However, LAPSUS$ told us that Nvidia has yet to reach out.

Has your organization implemented any of Trend Micro’s best practices for managing cyber risk? Tweet me on Twitter to continue the conversation: @JonLClay.


Comments are closed.