Logo Logo
  • Home
  • Modshield SB
  • services
    • Application Security Testing
    • IoT Security Testing
    • Infrastructure Security Testing
    • Testing for Compliance
    • Red Team Exercise
    • Performance Testing
  • Training
    • Cybersecurity Awareness Program
    • Cybersecurity For Developers(Web Application)
    • Cybersecurity For Developers(Mobile Application)
  • Resources
    • Blog
    • CyberNews
  • About
    • Partners
    • Contact

Top Cyber News April Week 2

  • Home
  • Blog Details
Top Cyber News April Week 2
April 13 2022
  • CyberNews

Spring4 shell vulnerability, Ukrainian power grid got ‘lucky’, and Oil India Limited’s cyber attack

Know Top Cyber News Of April Week 2

Attackers are abusing spring4 shell vulnerability to spread mirai botnet malware

The recently revealed Spring4Shell vulnerability has been used by criminals to spread the Mirai botnet.

Spring4Shell, a severe vulnerability in VMWare’s Spring Framework’s Java-based Core module, is being actively used, according to researchers, to hack into unpatched devices before infecting them with the Mirai malware.

Attackers are abusing spring4 shell vulnerability to spread mirai botnet malware

Exploiting the Spring4Shell vulnerability (CVE-2022-22965) allows “threat actors to download the Mirai sample to the /tmp folder and execute them following permission changes using chmod.”

In non-default settings, the vulnerability can be exploited to execute remote code in Spring Core apps. 

The security flaw should not be confused with CVE-2022-22963, which affects the Spring Cloud Function in a different way.

Ukrainian power grid ‘lucky’ to withstand Russian cyber-attack

Hackers attempted to shut down substations at one of the country’s main energy stations, resulting in blackouts for two million people.

The malicious software employed in the attack is identical to that utilised by Russian hackers in earlier attacks on Kyiv that resulted in power outages.

cyber news april week 2 - Ukrainian power grid 'lucky' to withstand Russian cyber-attack

Sandworm, a Russian military outfit, is thought to be involved, according to researchers.

It is the most devastating cyber-attack against Ukraine since Russia invaded the country.

Despite a massive effort to secure the cyber-defences of energy organisations in the country, hackers were able to compromise an unnamed private company. 

The company was responsible for supplying power to two million residents. 

According to Viktor Zhora, deputy chairman of the State Service of Special Communications, who spoke at a press conference on Tuesday.

Oil India Limited’s Headquarters Under Cyber Attack

Oil India Limited (OILregistered )’s headquarters in Duliajan, Assam’s Dibrugarh district, is allegedly under cyber attack, prompting the business to lock down all of its computers and IT systems, according to a company spokesman.

Cyber news april week 2 Oil India Headquarters cyber attack

The systems have been shut down since Monday, and OIL spokesperson Tridiv Hazarika indicated that attempts are on to rectify the problem.

“After learning that three to four PCs were infected with a virus on Monday, we were obliged to disconnect all of our computer systems from the LAN.” He claims that no computer at the headquarters now has internet access.

Read Latest Cyber News

Previous Post Next Post

Leave a Comment

Recent Posts

  • SOC 2 Compliance – Complete Guide
  • What is compliance and why do you need it?
  • OWASP WAF – Web Application Firewall
  • Top Cyber News April Week 3
  • Top Cyber News April Week 2

Recent Comments

  1. Vishnu on IEC 62443 – Cybersecurity for Industrial Automation and Control Systems

Archives

  • July 2022
  • June 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • June 2020

Categories

  • Blog
  • CyberNews
© Copyright 2020. Anada WordPres Theme By WordPressRiver