ISBuzz Team

Australia ranks 7th, shows an 87% spike in cases quarter-over-quarter Cybersecurity company Surfshark’s study found that Russia is first in terms of breached accounts from January-March 2022, with more than 3.5M internet users affected. Since the start of Ukraine’s invasion in March, 136% more Russian accounts were breached than in February. The second place in the ranking is claimed by the US, followed by Poland, France, and India. Australia shot up in the chart due to a spike in breached users in February. Meanwhile, Ukraine appeared in 67% fewer breaches than in the quarter before the war.  The analysis highlights…

The Identity Theft Resource Center published a First Quarter 2022 Data Breach Analysis which found that Q1 of 2022 began with the highest number of publicly reported data compromises in the past three years. Among stated findings:  Publicly reported data compromises totaled 404 through March 31, 2022, a 14 percent increase compared to Q1 2021.This is the third consecutive year when the number of total data compromises increased compared to Q1 of the previous year. It also represents the highest number of Q1 data compromises since 2020.However, the number of individual victims actually dropped in Q1 2022. The 20.7M victims…

It has been reported that German wind turbine manufacturer, Nordex Group, was hit by a cyber-attack on 31 March 2022, with an update issued by the firm this week. The cyber-attack was detected by IT security team at an early stage, according to Nordex, and response measures were taken quickly.

Information Security Experts commented below on the news that the FBI and international partners seized control of a popular hacking forum.

Critical infrastructure in the crosshairs: operational technology vulneabilities jump 88% News summary Enormous aggregate cyber risk: 3x increase in vulnerabilities over the past decade Adversaries exploit weaknesses faster: 24% uptick in new vulnerabilities exploited in the wild These and other findings published in new Skybox Research Lab Report  Threat intelligence analysts at Skybox Research Lab uncovered a 42% increase in new ransomware programs targeting known vulnerabilities in 2021. Today, the Silicon Valley cybersecurity company released its annual 2022 Vulnerability and Threat Trends Report, revealing how quickly cybercriminals capitalize on new security weaknesses – shrinking the window that organizations have to remediate vulnerabilities ahead…

A critical RCE flaw identified in the Elementor WordPress plugin could 500k or more sites. its critical severity is given by the fact that anyone logged into the vulnerable website can exploit it, including regular subscribers. A threat actor creating a normal user account on an affected website could change the name and theme of the affected site making it look entirely different. Plugin Vulnerabilities has also published a proof of concept (PoC) to prove the exploitability, increasing the risk of vulnerable websites to be compromised.

Amid escalating threats to global critical infrastructure, last night Dragos announced the discovery of new malware specifically developed to disrupt industrial processes: PIPEDREAM. This is the seventh ever publicly known ICS-specific malware, following INDUSTROYER2, STUXNET, HAVEX, BLACKENERGY2, CRASHOVERRIDE, and TRISIS. Since early 2022, Dragos has been analyzing PIPEDREAM malware. PIPEDREAM was developed by a new threat group Dragos identifies as CHERNOVITE. Dragos assesses with high confidence this threat group created PIPEDREAM for use in disruptive or destructive operations against Industrial Control Systems (ICS). Media Resources: Last night’s advisory by the US Cybersecurity and Infrastructure Security Agency (CISA): https://www.cisa.gov/uscert/ncas/current-activity/2022/04/13/apt-actors-target-icsscada-devices Dragos blog: https://www.dragos.com/blog/industry-news/chernovite-pipedream-malware-targeting-industrial-control-systems…

Concerns over government readiness for and responsiveness to cyber-attacks on critical infrastructure have been exacerbated by the recent conflict in Ukraine. New vulnerabilities, emerging tactics and digital exposurehave forced decision makers to re-evaluate existing strategies to respond to these threats in an effective way. Trellix, formerly McAfee Enterprise and FireEye, carried out research in the UK, France and Germany on the cybersecurity postures of governments and criticalinfrastructure organisations – particularly their preparedness for cyberattacks. Top findings from the 2022 Cyber Readiness report include: ·86% of UK respondents believe there is room for improvement in the level of cybersecurity partnerships between…

In response to Microsoft’s “Patch Tuesday” update revealing a new RPC Remote Code Execution CVE that affects numerous servers and workstation versions of Microsoft Windows, Information Security Experts reacted below.

Cynerio cybersecurity researchers specializing in healthcare IoT have discovered five serious vulnerabilities that allow remote hacking of Aethon’s TUG autonomous mobile robots. The TUG robots are used by hundreds of hospitals across the globe to transport goods, materials and clinical supplies.… these robots require a lot of sensitive data and freedom of movement to be able to carry out their jobs effectively. JekyllBots is a set of 5 critical zero-day vulnerabilities that were found by the Cynerio Live research team that enable remote control of Aethon TUG smart autonomous mobile robots and their online console. JekyllBot:5 allows attackers who exploit these…