Daily Cybersecurity Roundup, April 15, 2022
In one of the major revelations, the US Treasury Department held North Korean hackers responsible for the biggest cryptocurrency hack ever. In another news, one of the largest developers and manufacturers of wind turbines disclosed suffering a cyberattack earlier this month. Do you know ransomware groups too have an HR department? Let’s find out what all the cybersecurity space witnessed in the last 24 hours!
The U.S. Treasury Department blamed North Korean hacking groups, Lazarus and APT38, for the theft of over $600 million in cryptocurrency from Axie Infinity’s Ronin network bridge.
The Conti ransomware group attacked wind turbine giant Nordex, forcing it to shut down its IT systems and remote access to the managed turbines. The company noted the intrusion in an early stage and took mitigation measures immediately in accordance with crisis management protocols.
In another update, the researchers unearthed some interesting details on the Conti ransomware gang. As per the report by Cyberint, Check Point, and other cyber experts, the gang operates much like a regular organization, with salaried workers, performance reviews, bonuses, and even “employee of the month” rewards.
North Korea’s Lazarus Group has been detected launching an espionage campaign on chemical sector organizations in South Korea to steal intellectual property.
The Royal Spanish Football Federation (RFEF) revealed being hit in a cyberattack that compromised the documents and information from its email accounts, private texts, and phone conversations of top executives of the federation.
Attackers are targeting Ukrainian government agencies by pushing the IcedID malware via phishing attacks and exploiting a vulnerability in Zimbra, an email and collaboration platform.
The FBI issued a warning against cybercriminals launching social engineering attacks and attempting to trick payment app users in the U.S. into making instant money transfers.
A threat actor group, dubbed Haskers Gang, released an information-stealing malware—ZingoStealer—for free, enabling fellow cybercriminals to leverage the malware for malicious purposes.
Cybersecurity startup Twingate raised $42 million in series B funding, with the round led by BOND Capital, 8VC, WndrCo, and SignalFire. The latest investment brings the company’s total funding to $67 million.
Cloud security startup, Obsidian Security Inc., closed a $90 million funding round led by Menlo Ventures, Norwest Venture Partners, and IVP, with support from existing investors Greylock, Wing, and GV. Obsidian.