Latest News Articles



--- TLP:WHITE ---

News

− Chinese Cyber Espionage Against Russia Is About Keeping Tabs and Learning

Since the start of the year, a Chinese advanced persistent threat (APT) actor group dubbed TA428 has been aggressively targeting industrial plants, research institutes, and government ministries, among others, in several countries to include Belarus, Russia, and Ukraine, according to threat researchers from Kaspersky.

https://www.oodaloop.com/archive/2022/09/13/chinese-cyber-espionage-against-russia-is-about-keeping-tabs-and-learning/

− Record-Breaking DDoS Attack in Europe

An Akamai customer based in Eastern Europe has been bombarded relentlessly with sophisticated distributed denial-of-service (DDoS) attacks, ultimately paving the way for a new European packets per second (pps) DDoS record.

https://www.akamai.com/blog/security/record-breaking-ddos-attack-in-europe

− Uber security incident in which cloud systems seemingly hijacked

Uber on Thursday disclosed a security breach, threat actors gained access to its network, and stole internal documents.

https://www.theregister.com/2022/09/16/uber_security_incident

Vulnerabilities

− SMBs are hardest-hit by ransomware

Coalition announced the mid-year update to its 2022 Cyber Claims Report detailing the evolution of cyber trends, revealing that small businesses have become bigger targets, overall incidents are down, and ransomware attacks are declining as demands go unpaid.

https://www.helpnetsecurity.com/2022/09/15/small-businesses-ransomware-targets/

− NSA, Allies Issue Cybersecurity Advisory on Weaknesses that Allow Initial Access

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the FBI, along with allied nations, published a Cybersecurity Advisory today to raise awareness about the poor security configurations, weak controls and other poor network hygiene practices malicious cyber actors use to gain initial access to a victim’s system.

https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/3033563/nsa-allies-issue-cybersecurity-advisory-on-weaknesses-that-allow-initial-access/

− Microsoft September 2022 Patch Tuesday fixes zero-day used in attacks, 63 flaws

Today is Microsoft's September 2022 Patch Tuesday, and with it comes fixes for an actively exploited Windows vulnerability and a total of 63 flaws.

https://www.bleepingcomputer.com/news/microsoft/microsoft-september-2022-patch-tuesday-fixes-zero-day-used-in-attacks-63-flaws/

− CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems (ICS) advisories on September 13, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

https://www.cisa.gov/uscert/ncas/current-activity/2022/09/13/cisa-releases-five-industrial-control-systems-advisories

Community News

− Cyber Resilience Act

The proposal for a regulation on cybersecurity requirements for products with digital elements, known as the Cyber Resilience Act, bolsters cybersecurity rules to ensure more secure hardware and software products.

https://digital-strategy.ec.europa.eu/en/library/cyber-resilience-act

--- TLP:WHITE ---