BLOG
Cyber Threat Report
CASE STUDY

Cyber Threat Report: Cyber Security News for 04/28/23

US Cyberwarriors Thwarted 2020 Iran Election Hacking Attempt
Iranian hackers broke into a system used by a local government to support its election night operations but were kicked out before any attack could be launched, according to U.S. military and cybersecurity officials. Read More

APC Issues Patches for Three Vulnerabilities in UPS Units
Companies that fail to apply the remediations the company supplied may risk remote code execution, escalation of privileges, or authentication bypass, which could potentially result in the execution of malicious web code or loss of device functionality of the uninterruptible power supply (UPS). Read More

FIN7 Hackers Caught Exploiting Recent Veeam Vulnerability
Russian cybercrime group FIN7 has been observed exploiting a Veeam Backup & Replication vulnerability patched in March 2023. Read More

VMware Releases Critical Patches for Workstation and Fusion Software
VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution. Read More

Corporate Boards Pressure CISOs to Step Up Risk Mitigation Efforts
Despite the new emphasis on risk management, business leaders still don’t have a firm grasp on how cyber risk can impact different business initiatives—or that it could be used as a strategic asset and core business differentiator. Read More

Russian Hacktivist Threat on Canada’s Pipelines is ‘Call to Action,’ Top Cyber Official Says
Pro-Russian hacktivists and an intelligence officer claimed could have caused an explosion. The hackers claimed they could "increase valve pressure, disable alarms, and initiate an emergency shutdown of an unspecified gas distribution station” located in Canada. Read More

FDA Authorized to Establish New Cybersecurity Standards for Medical Devices
What does it mean for Industry? Read More

Metaverse Version of the Dark Web Could be Nearly Impenetrable
Law enforcement will likely find it much harder to take down criminal activities on the "deepverse." Read More

Malware-Free Cyberattacks Are On the Rise; Here's How to Detect Them
Last year, 71% of enterprise breaches were pulled off quietly, with legitimate tools, research shows. Read More

New Coercive Tactics Used to Extort Ransomware Payments
Ransomware groups ramp up pressure tactics. Read More


HEADLINE PRIVACY & IT SECURITY COMPLIANCE NEWS

In 2020, the United States Cyber Command thwarted an attempt to interfere in the US presidential election. The operation involved sending threatening messages to Iranian operatives and taking down their servers. The Iranian hacking group, known as "Phosphorous," attempted to gain access to voter registration information in order to send out intimidating emails to voters. The US government never disclosed how it gained access to the servers or what the messages to the Iranian operatives said.

Schneider Electric has fixed three vulnerabilities that could allow an attacker to remotely execute code on APC UPS units. The threats were discovered by researchers at the industrial cybersecurity company, Claroty. The vulnerabilities allow attackers to cause a denial of service, escalate privileges, or execute arbitrary code with root-level permissions on the UPS units. Users of the affected product are advised to update their firmware to the latest version to mitigate these vulnerabilities.


Get in touch with us to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.