January 24, 2022
David Redekop

TWINN Security News January 24

Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to:

Today our focus is on Advanced Persistent Threats, shortened to APTs. The label is applied because of their sticky nature: they can lurk inside networks undetected for a period of time, waiting for commands from the attacker. APTs are not generally found on smaller networks or individual devices because they often take the resources of a nation state to maintain and manage. However, that’s not to say the techniques used by APTs don’t translate to smaller attacks as well. This week, WhisperGate was analyzed as an APT that was targeting Ukraine government websites.

Researchers break down WhisperGate wiper malware used in Ukraine website defacement. And, it turns out Hackers Were in Ukraine Systems Months Before Deploying Wiper.

In spite of wholehearted attempts to minimize the fallout, Red Cross Falls Victim to Massive Cyberattack.

Hackers disrupt payroll for thousands of employers — including hospitals. Here we see once again how a supply chain attack, in this case against the payroll company Kronos, can have a wide-ranging effect in our world today.

International effort takes down VPN service, VPNLab, used for criminal activity. VPN technology plays an important role in security and privacy. Whenever we see a story like this, it’s a reminder that running your own VPN is ultimately the best approach you can take.

Molerats Hackers Hiding New Espionage Attacks Behind Public Cloud Infrastructure. Command and Control infrastructure is finding a way to hide in plain sight. For this reason, Zero Trust once again wins the day. There simply is no reason to have Google Drive and Dropbox accessible by systems that don’t require it.

Did you know? 

CalPoly is launching a Journal of Threat Intelligence and Incident Response that “seeks to bridge the gap between industry and academia by providing a forum to share peer reviewed, relevant, and academically rigorous research that will provide a much needed scholarly source to support future research into the areas of cyber threat intelligence and incident response.”

For a video version of this see: https://youtu.be/dIG1GRRnRWY