EU Agrees 'Cyber Solidarity Act' to Bolster Incident Response and Recovery
#European Union
The European Union (EU) has agreed new rules, dubbed the 'Cyber Solidarity Act', to strengthen cyber incident response and recovery across member states.
The provisional regulation aims to make the EU more resilient and reactive to cyber threats via new cooperation mechanisms.
Capita says cyberattack contributed to annual loss of more than £106 million
#Breaches and Incidents
Capita, the British outsourcing company hit by a ransomware attack last March, has reported losing $135.5 million over the last year — roughly a quarter of which was directly caused by the incident.
A new Linux malware campaign is targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances
#Vulnerabilities
The threat actors behind this campaign employed previously undetected payloads, including four Golang binaries that are used to automate the discovery and infection of hosts running the above services.
Lazarus hackers exploited Windows zero-day to gain Kernel privileges
#Vulnerabilities
North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver as a zero-day to gain kernel-level access and turn off security tools, allowing them to bypass noisy BYOVD (Bring Your Own Vulnerable Driver) techniques.
The flaw, now tracked as CVE-2024-21338, was reported to Microsoft, which led to the development of a fix included in the February 2024 Patch Tuesday update.
From February 24th to March 1st, CERT-AGID identified and analyzed 16 malicious campaigns within the Italian scenario it covers
#Reports
14 campaigns had specific Italian targets.