2022 - Week reads - 15

Apr 11, 2022 weekreads reading

This week read list,

• White House, FBI Officials Warn of Impending Russian Cyberattacks on the U.S. https://spectator.org/white-house-fbi-officials-warn-of-impending-russian-cyberattacks-on-the-u-s/

• MailChimp breached, intruders conducted phishing attacks against crypto customers https://securityaffairs.co/wordpress/129831/data-breach/mailchimp-breached-cryptocurrency-phishing.html

• The fragility of transient identifiers https://blog.apnic.net/2022/04/01/fragility-of-transient-identifiers/

• Bank had no firewall license, intrusion or phishing protection – guess the rest https://www.theregister.com/2022/04/05/mahesh_bank_no_firewall_attack/

• Hacking DICOM: the hospital standard https://www.securityartwork.es/2022/04/05/hacking-dicom-the-hospital-standard-2/

• F5’s Cloud Native Network Functions Saturate Rakuten Symphony https://www.sdxcentral.com/articles/news/f5s-cloud-native-network-functions-saturate-rakuten-symphony/2022/04/

• US disrupts Russian Cyclops Blink botnet before being used in attacks https://www.bleepingcomputer.com/news/security/us-disrupts-russian-cyclops-blink-botnet-before-being-used-in-attacks/

• China accused of cyberattacks on Indian power grid https://www.theregister.com/2022/04/08/china_sponsored_attacks_india_ukraine/

• Anonymous and the IT ARMY of Ukraine continue to target Russian entities https://securityaffairs.co/wordpress/129991/hacktivism/anonymous-it-army-of-ukraine-vs-russia.html

• Microsoft takes down APT28 domains used in attacks against Ukraine https://www.bleepingcomputer.com/news/microsoft/microsoft-takes-down-apt28-domains-used-in-attacks-against-ukraine/

• NB65 group targets Russia with a modified version of Conti’s ransomware https://securityaffairs.co/wordpress/130051/hacktivism/nb65-modified-version-conti-ransomware.html

• Nginx Zero-Day LDAP Reference Implementation Vulnerability Alert https://securityonline.info/nginx-zero-day-rce-vulnerability-alert/