Microsoft Threat Report: How Russia’s War on Ukraine Is Impacting the Global Cyber

The Russians are engaged in widespread influence operations designed to erode trust, increase polarization, and threaten democratic processes around the globe.


https://www.darkreading.com/threat-intel...-community

Managing Identity Across Clouds Critical to Enterprise Security

Privileged access management (PAM) is notoriously difficult to deploy and companies' increasing use of cloud has made it even more complex.


https://www.darkreading.com/identity-acc...l-security

FBI disrupts Chinese botnet by wiping malware from infected routers


The FBI has disrupted the KV Botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting U.S. critical infrastructure. [...]


https://www.bleepingcomputer.com/news/se...d-routers/

CISA warns of patched iPhone kernel bug now exploited in attacks


CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively exploited in attacks. [...]


https://www.bleepingcomputer.com/news/se...n-attacks/

Exploit released for Android local elevation flaw impacting 7 OEMs


A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is now publicly available on GitHub. However, as the exploit requires local access, its release will mostly be helpful to researchers. [...]


https://www.bleepingcomputer.com/news/se...ng-7-oems/

Europcar denies data breach of 50 million users, says data is fake


Car rental company Europcar says it has not suffered a data breach and that shared customer data is fake after a threat actor claimed to be selling the personal info of 50 million customers. [...]


https://www.bleepingcomputer.com/news/se...a-is-fake/

Police seize record 50,000 Bitcoin from now-defunct piracy site


The police in Saxony, eastern Germany, have seized 50,000 Bitcoin from the former operator of the pirate site movie2k.to through a voluntary deposit to a state-controlled wallet. [...]


https://www.bleepingcomputer.com/news/le...racy-site/

Hackers push USB malware payloads via news, media hosting sites


A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content. [...]


https://www.bleepingcomputer.com/news/se...ing-sites/

CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday


CISA has ordered U.S. federal agencies to disconnect all Ivanti Connect Secure and Policy Secure VPN appliances vulnerable to multiple actively exploited bugs before Saturday. [...]


https://www.bleepingcomputer.com/news/se...-saturday/

New Windows Event Log zero-day flaw gets unofficial patches

Free unofficial patches are available for a new Windows zero-day vulnerability dubbed 'EventLogCrasher' that lets attackers remotely crash the Event Log service on devices within the same Windows domain. [...]


https://www.bleepingcomputer.com/news/mi...l-patches/