Daily Cyber Security News | 3rd March

Intro 00:00Zimbra Bug 00:10 Daxin Malware 01:23Fox Blade Malware 02:27Healthcare need to pay attention to cyber security 03:21Kaspersky’s statement 04:4401The Zimbra bug that was recently revealed has been added to CISA’s list of exploited vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a zero-day flaw in the Zimbra email platform to its Known Exploited Vulnerabilities Catalog because there was evidence that people were exploiting it. Keeps track of security flaws that have been used by hackers and that must be fixed by government agencies. Federal agencies have until March 11, 2022, to apply the security updates that CISA has given them. This is because this vulnerability could have a big impact. There are three more vulnerabilities that CISA has added to the catalogue, as well as CVE-2022-24682.CVE-2017-8570 (CVSS score: 7.8) – Microsoft Office Remote Code Execution VulnerabilityCVE-2017-0222 (CVSS score: 7.5) – Microsoft Internet Explorer Memory Corruption VulnerabilityCVE-2014-6352 (CVSS score: not calculate as of now) – Microsoft Windows Code Injection Vulnerability02China’s Daxin malware was used in intelligence gathering attacks on a number of governments. A previously unknown espionage tool has been used against some governments and other critical infrastructure targets by China-linked threat actors since at least 2013. This is part of a long-running espionage campaign that has been going on since at least 2013.It’s called Daxin, and the team from Broadcom’s Symantec Threat Hunter called it “technologically advanced malware.” It allows hackers to communicate and get information on companies in the telecom, transportation, and manufacturing sectors that are important to China. Hackers can communicate with security devices that aren’t connected to the internet through “Daxin malware,” the US Cybersecurity and Infrastructure Security Agency said in an independent advisory. “Daxin malware” is a rootkit backdoor with complex, stealthy command-and-control functionality that allows remote actors to communicate with security devices that aren’t connected to the internet.03Microsoft found that Fox Blade malware had hit Ukraine just before the Russians came in. In a blog post on Monday, Microsoft said that it had detected a new wave of cyberattacks against Ukraine’s digital infrastructure just before Russia launched its first missiles last week. Fox Blade is a new malware package that has never been seen before, according to the tech company’s Threat Intelligence Center (MSTIC). MSTIC says it added new signatures to its Defender anti-malware service to detect the exploit within three hours of its discovery. A Microsoft Security Intelligence advisory says that “this trojan can use your PC for distributed denial-of-service (DDoS) attacks without your knowledge. ” This means that Fox Blade can use your computer without you knowing. What’s more, a second “downloader” module appears to be used to get and install the trojan on the computers that have been infected by it. 04Healthcare should pay more attention to cybersecurity this year, the head of the Office of the Civil Rights (OCR) says.When Lisa J. Pino wrote a blog post on HHS’s website, she told healthcare organizations to pay more attention to cybersecurity in 2022. There are still a lot of healthcare data breaches that happen almost every day.People were talking about cyberattacks a lot in 2021 because hacking and IT problems affected government agencies, big businesses, and even the supply chains for things that people need, like gasoline.05Eugene Kaspersky’s statement caused a stir in the cybersecurity industry.Eugene Kaspersky, a longtime cybersecurity expert, has caused a lot of anger in the industry after he said something about the ongoing Russian invasion of Ukraine.In a tweet today, Kaspersky, CEO of the Russian-based IT security company of the same name, said that he welcomed the start of talks to solve Ukraine’s problems. “We hope that they will lead to a cessation of hostilities and a compromise.” We think that peaceful talks are the only way to solve problems. War is bad for everyone.His description of the conflict as a “situation” and apparent attempt to advertise his company caused a lot of people in the information security field to be very angry.News by Free Music |