MilCyberSync Podcast – News: 24 April Episode 8 [April 24, 2022]
Photo from Unsplash
Originally Posted On: https://blog.axellio.com/milcybersync-podcast-april-24
This week on the MilCyberSync Podcast hosts Navy Cryptologist, Nick Thomas, and news anchor, Layla Gulen bring you the most up-to-date news on Conti ransomware attacks, Windows 11 upgrade malware attack, Meta reward, Oracle security fixes, and more. Listen to the MilCyberSync Podcast episode 8 here.
Evolving intelligence indicates at least five allied countries including the US are targets of Russian cyberattacks. [01:37]
Members of the Five Eyes Intelligence sharing network, which includes the US, Britain, Canada, Australia, and New Zealand say Moscow could involve existing cybercrime groups in launching attacks on governments institutions and businesses
Malicious Conti ransomware attacks continue. [02:28]
Despite the recent leak of internal communications and code from the Conti ransomware group, the criminal enterprise appears to have continued operations without breaking stride. Researchers believe Conti is part of a massive criminal enterprise tied not just to the majority of Conte and RIOC ransomware attacks, but also to distributing malware such as a trick bot, bizarre loader, and viewer loader.
$5 million is up for grabs for anyone who can help disrupt an illicit flow of funds to North Korea. [03:28]
The US government has continued to warn that North Korea has used a variety of hack attacks, including hitting numerous cryptocurrency exchanges as well as banks such as Bangladesh Bank to help it evade crippling sanctions and fund its WMD programs. The United Nations estimated that cryptocurrency and online bank heists have enabled Pyongyang to invest $2 billion in its development of nuclear weapons and intercontinental ballistic missiles.
Windows users beware of fake Windows 11 upgrade. [09:30]
A recent SEO poisoning technique is designed to trick users to steal their data from browsers and crypto-wallets. SEO poisoning is an illegitimate technique used to achieve a higher search engine ranking for websites. Researchers have sourced the multistage information stealer malware to bad actors that had registered the domain Windows11upgrade11.com.
Facebook parent company Meta announced its Bug Bounty Program will cover vulnerabilities that can be exploited to bypass integrity safeguards. [10:26]
The program expansion is meant to steer researchers’ attention to security issues that attackers may exploit to bypass specific integrity checks meant to limit abuse behaviors. Such texts include mandatory two-factor authentication for specific business manager accounts. Facebook’s own application verification process, or feature restriction enforcements. Researchers who identify endpoints that may perform sensitive actions without triggering a business manager’s two-factor authentication prompt may receive up to $2,000 for their reports.
Oracle announces the release of 520 security fixes. [11:38]
As part of its April 2022 critical patch update, nearly 300 have been identified for vulnerabilities that could be exploited remotely without authentication. Roughly 75 of the patches are of critical severity. Other Oracle Applications that received patches include PeopleSoft Hyperion supply chain, JD Edwards, and hospitality applications.
For even more news on cybersecurity, browse our previous episodes of the MilCyberSync Podcast.