SecurityWeek reports that Russia and other nearby countries, such as Belarus, Kazakhstan, Kyrgyzstan, and Uzbekistan, have experienced an influx of cyberattacks against industrial control system computers involving the exploitation of a vulnerability in the Bitrix Site Manager content management system, tracked as CVE-2022-27228.
Kaspersky researchers attributed the spike to mass infections of websites running Bitrix CMS, and also noted a significant increase in the malicious scripts and phishing pages the company blocked in Russia during the second half of last year, particularly in August and September.
"[The increase in attacks] was largely due to a surge in the activity of potentially dangerous advertising platforms that are often used to spread malware disguised as advertising displayed on various web resources," Kaspersky added.
The findings also showed that Kaspersky was able to avert threats against 40.6% of protected devices around the globe last year, compared with 39.6% in 2021 and 38.6% in 2020.
Numerous government, political, and academic organizations in South Korea have been targeted by the Chinese state-backed advanced persistent threat operation TAG-74 in a "multi-year" cyberespionage campaign that is part of China's intellectual property theft and influence operations, The Hacker News reports.
BleepingComputer reports that vulnerable Openfire messaging servers impacted by the already addressed high-severity authentication bypass flaw, tracked as CVE-2023-32315, are being subjected to ongoing attacks aimed at ransomware encryption and cryptominer distribution.
Ukraine's Prosecutor General's Office and other departments involved in war crimes documentation have been facing mounting cyberattacks from Russian state-sponsored threat operations looking to obtain evidence regarding such crimes, in sharp contrast to the previous targeting of energy facilities, Reuters reports.