Guess the suspect when the South Asian entities are under target? A massive cyberespionage campaign swept attacks directed at officials in South Asian countries; experts allege links to a Chinese hacking group. In a separate streak, U.S. defense firms were targeted in the recent Solarwinds zero-day exploits. The security research fraternity was taken aback after REvil threat actors mysteriously went offline. With this, slide in for the top ten cybersecurity news from the past 24 hours.
01
Kaspersky discovered an ongoing, large-scale APT campaign named LuminousMoth with hundreds of victims from Southeast Asia, including Myanmar and the Philippines government entities.
02
Microsoft took the wrap off a Chinese hacking group, dubbed DEV-0322, that was involved in targeting the U.S. Defense Industrial Base Sector and software companies via a zero-day in the SolarWinds Serv-U product.
03
In an emergency directive order, the CISA instructed federal agencies to disable MS Windows’ Print Spooler service before Wednesday midnight, if unpatched, to avoid network compromise owing to the PrintNightmare flaw.
04
Security firms T&T Security and Zerde Holding identified at least two maldocs hosted on the official website of the Kazakhstan government for over five months.
05
REvil ransomware group, which was involved in some of the biggest supply chain attacks this year, has allegedly disappeared from the dark web market.
06
The Financial Stability Board stated that cyberattacks against financial firms spiked from 5000 to over 200,000 per week between February 2020 and April 2021 owing to increased reliance on VPNs and unsecured WiFi access points.
07
A report by Fortified Health Security revealed that over 22.8 million patients have been impacted in different healthcare breaches until now in 2021, which is a thumping 185% rise from the last year.
08
Ukraine authorities confiscated roughly 3,800 PlayStation 4 gaming consoles that were allegedly stacked on metal racks to facilitate cryptocurrency mining.
09
The Cyberspace Administration of China published new regulations regarding vulnerability disclosure procedures applicable to firms within the country’s borders.
10
Breach and Attack Simulation (BAS) systems provider AttackIQ secured $44 million in Series C funding led by Atlantic Bridge, Saudi Aramco Energy Ventures (SAEV), and Gaingels, joined by existing investors.
