This Week in Security News March 4, 2022
Global Cyberattacks: How to manage risk in times of chaos, and Ukraine-Russia cyber warzone splits cyber underground
Save to Folio
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about best practices to manage cyber risk as global tensions rise. Also, read about how the Ukraine-Russian conflict is splitting the cyber underground.
As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience. Evidence of widespread defacement of government websites, and targeted attacks against government agencies and financial institutions serve yet another layer of risk to deal with, and it has never been more important to be on top of your security game. Trend Micro shares 5 best practices to manage cyber risk.
The Russia-Ukraine cyber warzone has split the Conti ransomware gang into warring factions, leading to a Ukrainian member spilling 60,000 of the group’s internal chat messages online. The conversations date back 13 months, from Jan. 29, 2021 to yesterday, Feb. 27 2022. The first dump contains 339 JSON files, with each file representing a full day’s log. Many of the messages are written in a Cyrillic-scripted language that appears, at least according to Google translate, to be Russian.
In part two of Trend Micro’s series on SMS PVA, Trend Micro discusses how smspva.net and Android SMS interception works hand in hand. We’ll also illustrate an example of how users can use smspva.net to get an SMS verification code without using their own mobile number.
Toyota said it suspended Japan factory operations, losing around 13,000 cars of output, after a supplier of plastic parts and electronic components was hit by a suspected cyberattack. No information was immediately available about who was behind the possible attack or the motive. The attack comes just after Japan joined Western allies in clamping down on Russia after it invaded Ukraine, although it was not clear if the attack was at all related.
Alongside the physical conflict happening between Russia and Ukraine, there have been an increasing number of alleged cyberattacks perpetrated by different groups. Trend Micro’s research teams have verified and validated internal data and external reports to provide accurate information that can be used to strengthen defenses against these attacks and will continuously update this blog with validated threats as more events unfold.
Microsoft said it’s been informing Ukraine about cyberattacks on civilian and military targets, though the software maker didn’t attribute the attacks to any specific actors. U.S. tech companies are responding in myriad ways to Russia’s invasion of Ukraine. Facebook owner Meta and Google parent Alphabet have announced efforts designed to tamp down misinformation on their platforms.
Organizations leaked more than 6 million passwords, API keys, and other sensitive data — collectively known as development "secrets" — in 2021, doubling the number from the previous year, according to a new GitGuardian report published today. The report accounted for the fact that more code is being pushed to repositories and better detection capabilities are available.
Nvidia has confirmed that hackers stole data from the company during last week's breach. Nvidia didn’t specify what was stolen. But the group behind the breach, LAPSUS$, claims it looted 1TB of data, including files about Nvidia hardware and software. The hackers are now demanding the company pay up in cryptocurrency to keep the data secret. However, LAPSUS$ told us Nvidia has yet to reach out.
Has your organization implements any of Trend Micro’s best practices for managing cyber risk? Tweet me on Twitter to continue the conversation: @JonLClay.