Weekly Cyber Roundup (June 17, 2022)

CYBER BYTES 📅

• Palo Alto Networks reports that Gallium (ATP Group), determined to likely be a Chinese-state-sponsored group, has expanded attacks beyond telecommunication companies to include financial institutions and government entities. The group is using a new remote access trojan named PingPull. Read more…
  
  
• Cloudflare mitigated a 26 million request per second DDoS attack. The attacker used a botnet of 5,067 devices. This attack generated 212 million HTTPS requests within 30 seconds. Read more…
  
  
• Radware publishes an advisory that DragonForce Malaysia, a hacktivist group, launched a series of cyberattacks against the government of India by launching DDoS attacks against websites. DragonForce advertised the DDoS campaign to entice followers to join the campaign. Radware confirms the defacement of numerous websites across India. Read more…
  
  
• Microsoft released patches to fix 55 security vulnerabilities, 3 deemed critical, including a patch for the zero-day named “Follina”. The June 2022 cumulative updates or a separate security update for Windows Server both contain the security patch that Microsoft issued today to address the MSDT vulnerability. Read more…
  
  
• Internet Explorer is officially retired after 25+ years. Internet Explorer will redirect users to Microsoft Edge. To allow users time to identify any sites they might have missed and conclude their transition, Internet Explorer won’t be eliminated from each of these editions today. Instead, it will be gradually replaced by Microsoft Edge on many of these platforms over the coming months. Read more…

   

LATEST GOVERNMENT NEWS 📃

• The White House OMB published an IT Operation Plan for prioritizing cybersecurity, IT modernization, digital-first customer experience, and data as a strategic asset. The strategic level execution of IT activities and investments across federal agencies is made possible through the Information Technology Oversight and Reform (ITOR) Account, Technology Modernization Fund (TMF), and Federal Citizen Services Fund (FCSF). Read more…
  
  
• The White House is developing a national strategy to enhance privacy-preserving, data sharing, and analytics to align with the national strategy on data collection to innovate, improve government efficiencies, and deliver benefits. Read more…
  
  
• U.S. and EU funds are being used to aid other developing nations in their defense against China. The conflict in Ukraine emphasizes the significance of nation-state cyberattack defense. The money will be used to assist other nations in building a safe and dependable telecommunications infrastructure. Read more…
  
  
• Cyber.org, a CISA backed non-profit focused on empowering educators as they prepare the next generation to succeed in the cyber workforce of tomorrow, announced June as National Cybersecurity Education Month. Read more…

THE READING CORNER 📖

• Cult of the Dead Cow by Joseph Menn 

• Countdown to Zero Day by Kim Zetter 

• Spam Nation by Brian Krebs 

• Snow Crash by Neal Stephenson 

• Ransomware: Understand. Prevent. Recover. by Allan Liska 

• President Biden’s 2021 Cybersecurity Executive Order