Researchers at ESET have discovered a hitherto unremarked backdoor that North Korea’s Lazarus Group deployed against a South African freight company. The backdoor, “Vyveva,” has been in use since December of 2018. Its initial compromise vector is still unknown. Code similarities and the reuse of familiar techniques lead ESET to attribute Vyveva to Lazarus with “high confidence.”
TechCrunch reports that criminals have taken out Facebook ads to hawk what they misrepresent as a Clubhouse app for PCs. Facebook has removed the ads, several of which stopped attempting to communicate with command-and-control servers in Russia after sandboxing. Some of the malicious ads appear to have been intended to deliver ransomware.
As much commentary has noted (see Chemistry World for a representative sample), educational institutions are increasingly attractive targets for cyberattack. Avast points to a large and vulnerable attack surface poorly defended by under-resourced security programs. While ransomware attacks have drawn considerable attention, Palo Alto Networks’ Unit 42 has found that other forms of crime, notably cryptojacking, are also causing problems: recent cryptojacking incidents in Washington State seem to have been incentivized by rising alt-coin prices.
Bloomberg reports that the US Senate Foreign Relations Committee has prepared a bill that would establish a policy of “strategic competition” with China. The measure would increase US investment in strategically important technologies, foster a multilateral allied approach to China, and extend Committee on Foreign Investment in the United States (CFIUS) jurisdiction to colleges and universities receiving more than $1 million in gifts from a foreign source.