Daily Cybersecurity Roundup, March 25, 2022
Updated: Mar 26, 2022
Amid rising warnings of cyberattacks on the U.S infrastructure, a couple of attack campaigns targeting U.S. organizations were recently linked to North Korean government-backed hackers. In the meantime, Anonymous’ vindictive streak against Russia added a new key victim. What more? An ancient university and a government’s recruitment system in the U.K suffered network outages in separate incidents. Read further for the top highlights in cybersecurity from the past 24 hours.
Top 10 hacking news
Google’s TAG uncovered two attack campaigns by distinct North Korean state actors abusing the same Chrome zero-day. The attacks were aimed at IT organizations, news media, and crypto-banks in the U.S.
After Nestle, the Anonymous hacktivist group claimed to infiltrate the networks of Central Bank of Russia and accessed nearly 35,000 documents. It further threatened to leak them in 48 hours.
Hackers knocked the website of the U.K Ministry of Defence offline. The Army, which is resorted to using paper systems, has declared a cyber emergency and enacted Op Rhodes.
Scammers attempted a vishing attack on the customers of Morgan Stanley Wealth Management in the hope to convince them into revealing sensitive information, such as banking or login credentials.
The IT infrastructure of the 200-year-old Edinburgh's Heriot-Watt University was severely hit by a cyberattack. It’s been over a week and staff and student directories remain unavailable.
The CISA updated it's advisory listing the 30 vulnerabilities in the DIAEnergie industrial energy management system that could allow a hacker to perform remote code execution.
The U.S. and the EU signed a preliminary agreement to reopen the free flow of data between the two regions by revamping the previous Privacy Shield arrangement.
Researchers formulated a replay attack bug affecting Honda and Acura car models, allowing a hacker to unlock the car and even start its engine from proximity.
Clear Skye, an identity governance and administration platform provider, raised $14 million in Series A funding round co-led by Storm Ventures and Toba Capital with participation from Inner Loop Capital and Point Field Partners.
The Western Australian government announced to invest over $19 million to expand the state's cybersecurity services. The same day Australian PM Scott Morrison had warned organizations to prioritize trust over costs and efficiency.