April 18, 2022
David Redekop

This Week In Nerd News – April 18, 2022

Welcome to This Week In Nerd News (TWINN), your weekly top 5 technical and security issues Nerds should pay attention to:

First, let’s talk about how you and I, just normal, productive people, can be used as pawns by nation-state cyber criminals. We all want to progress. Now imagine being offered a dream job that sounds almost too good to be true, but your bias doesn’t allow you to act on that warning, and instead you take the next step: while on your current network, you download and install a Trojan.

Here we have a story just like that, in a campaign called “Operation Dream Job”.


Lazarus Targets Chemical Sector With ‘Dream Jobs,’ Then Trojans.

As always, be careful, especially when something sounds too good to be true.

The North Korean-linked Lazarus group sent fake job offers to targets in the chemical sector and information technology firms, which — when opened — install Trojan horse programs to collect information and send it back to the attackers, technology provider Broadcom’s security arm Symantec stated in an advisory on April 14.

 

Read More: Lazarus Targets Chemical Sector With ‘Dream Jobs,’ Then Trojans

 

Microsoft’s tactics to win cloud battle lead to new antitrust scrutiny.

What’s old is new again. Will Microsoft’s preferred pricing be sustainable if you’re in their cloud vs the competitors’?

Microsoft has escaped the recent backlash against the power and wealth of the biggest US tech companies.

Despite a stock market value that has soared to more than $2 trillion on its dominance of various parts of the business software market, it has avoided a repeat of the complaints that made it the most prominent target of antitrust action in the US and Europe at the end of the 1990s.

That is, until now.

 

Read More: Microsoft’s tactics to win cloud battle lead to new antitrust scrutiny

 

Russia’s Sandworm hackers attempted a third blackout in Ukraine.

It seems that cyber war is very much part of the war in Ukraine. Industroyer2 targets the high-voltage systems that control the flow at substations.

More than half a decade has passed since the notorious Russian hackers known as Sandworm targeted an electrical transmission station north of Kyiv a week before Christmas in 2016, using a unique, automated piece of code to interact directly with the station’s circuit breakers and turn off the lights to a fraction of Ukraine’s capital. That unprecedented specimen of industrial control system malware has never been seen again—until now: In the midst of Russia’s brutal invasion of Ukraine, Sandworm appears to be pulling out its old tricks.

 

Read More: Russia’s Sandworm hackers attempted a third blackout in Ukraine

 

New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar.

The first stage, getting a foothold in a system, is quite successful for the attackers: they use large EXE files that pose as PDF readers, rank highly in search results through SEO, and bypass scanning by local anti-virus or endpoint security software.

Cybersecurity researchers have disclosed an advanced version of the SolarMarker malware that packs in new improvements with the goal of updating its defense evasion abilities and staying under the radar.

 

Read More: New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar

 

Google Emergency Update Fixes Chrome Zero-Day.

This is the fourth one this year. Keep current, stay on a zero trust network, and keep working 🙂

Google fixed two vulnerabilities in its Chrome web browser as part of an emergency update this week, including a type confusion vulnerability that is already being exploited in the wild.

 

Read More: Google Emergency Update Fixes Chrome Zero-Day

 

Did you know?

Inoreader is free for up to 100 feeds. It is also a favourite amongst those who miss Google Reader. It is definitely Apple-centric, so if that’s your main working environment, you’ll likely enjoy it.