Dangerous ICS Malware Targets Orgs in Russia and Ukraine

"Kapeka" and "Fuxnext" are the latest examples of malware to emerge from the long-standing conflict between the two countries. [TechWeb]( Follow Dark Reading: [RSS]( April 18, 2024 LATEST SECURITY NEWS & COMMENTARY [Dangerous ICS Malware Targets Orgs in Russia and Ukraine]( "Kapeka" and "Fuxnext" are the latest examples of malware to emerge from the long-standing conflict between the two countries. [Active Kubernetes RCE Attack Relies on Known OpenMetadata Vulns]( Once attackers have control over a workload in the cluster, they can leverage access for lateral movement both inside the cluster and to external resources. [Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution]( Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode and other malware onto victim machines. [Ivanti Releases Fixes for More Than 2 Dozen Vulnerabilities]( Users will need to download the latest version of Ivanti's Avalanche to apply fixes for all of the bugs. [Various Botnets Pummel Year-Old TP-Link Flaw in IoT Attacks]( Moobot, Miori, AGoent, and a Gafgyt variant have joined the infamous Mirai botnet in attacking unpatched versions of vulnerable Wi-Fi routers. [Preparing for Cyber Warfare: 6 Key Lessons From Ukraine]( Having a solid disaster recovery plan is the glue that keeps your essential functions together when all hell breaks loose. [(Sponsored Article) The Need to Secure AI Use Is Real. Are Organizations Prepared?]( Generative AI brings both excitement and anxiety. Learn how to build a multifaceted approach to enable the secure use of AI in your organization. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Cisco Duo's Multifactor Authentication Service Breached]( A third-party telephony service provider for Cisco Duo falls prey to social engineering, and the company advises customer vigilance against subsequent phishing attacks. [Name That Toon: Last Line of Defense]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [3 Steps Executives and Boards Should Take to Ensure Cyber Readiness]( Many teams think they're ready for a cyberattack, but events have shown that many don't have an adequate incident response plan. [LockBit 3.0 Variant Generates Custom, Self-Propagating Malware]( Kaspersky researchers discovered the new variant after responding to a critical incident targeting an organization in West Africa. [MORE]( PRODUCTS & RELEASES [Redgate Launches Enterprise Edition of Redgate Monitor]( [Kaspersky Unveils New Flagship Product Line for Business, Kaspersky Next]( [BeyondTrust Acquires Entitle, Strengthening Privileged Identity Security Platform]( [Kim Larsen New Chief Information Security Officer at SaaS Data Protection Vendor Keepit]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE ['Sandworm' Group Is Russia's Primary Cyberattack Unit in Ukraine]( But even with that focus, the sophisticated threat group has continued operations against targets globally, including the US, says Google's Mandiant. LATEST FROM THE EDGE [How Boards Can Prepare for Quantum Computers]( Quantum computing on the level that poses a threat to current cybersecurity measures is still years off. Here's what enterprises can do now to avoid future disruptions. LATEST FROM DR TECHNOLOGY [Open Source Tool Looks for Signals in Noisy AWS Cloud Logs]( Permiso Security announced Cloud Console Cartographer during Black Hat Asia to help defenders look inside Amazon Web Services events logs for signs of cyberattacks. LATEST FROM DR GLOBAL [Nigeria & Romania Ranked Among Top Cybercrime Havens]( A survey of cybercrime experts assessing the top cybercrime-producing nations results in some expected leaders — Russia, Ukraine, and China — but also some surprises. WEBINARS - [Is AI Identifying Threats to Your Network?]( - [Securing Code in the Age of AI]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Application Security's New Mandate in a DevOps World]( - [Making Sense of Your Security Data: The 6 Hardest Problems]( - [The State of Incident Response]( - [Use the 2023 MITRE ATT&CK Evaluation Results for Turla to Inform EDR Buying Decisions]( - [A Solution Guide to Operational Technology Cybersecurity]( - [Demystifying Zero Trust in OT]( - [Secure Access for Operational Technology at Scale]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=122916&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_04.18.24&sp_cid=53071&utm_content=DR_NL_Dark%20Reading%20Daily_04.18.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#88 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)