OSN April 12, 2021

Fortify Security Team
Apr 12, 2021

Title: Mozilla Flooded With Requests After Apple Privacy Changes Hit Facebook
Date Published: April 11, 2021

https://www.bleepingcomputer.com/news/security/mozilla-flooded-with-requests-after-apple-privacy-changes-hit-facebook/

Excerpt: “Mozilla volunteers have recently been flooded with online merchants and marketers’ requests for their domains to be added to what’s called a Public Suffix List (PSL). Public Suffix List (PSL) is an initiative of the Mozilla community volunteers to maintain a list of top-level domains (TLDs) and domains that should be treated as one to prevent the mixing of cookies between distinct domains.”

Title: New Malware Downloader Spotted in Targeted Campaigns
Date Published: April 12, 2021

https://www.darkreading.com/vulnerabilities---threats/new-malware-downloader-spotted-in-targeted-campaigns/d/d-id/1340640

Excerpt: “Researchers at Malwarebytes recently spotted the Saint Bot dropper, as they have named it, being used as part of the infection chain in targeted campaigns against government institutions in the country of Georgia. In each case, the attackers used Saint Bot to drop information stealers and other malware downloaders. According to the security vendor, it is likely that the new loader is being used by a few different threat actors, so there are likely other victims.”

Title: LinkedIn Confirmed That It Was Not a Victim of a Data Breach
Date Published: April 12, 2021

https://securityaffairs.co/wordpress/116689/data-breach/linkedin-not-data-breach.html

Excerpt: “The four leaked files contain information about the users whose data has been allegedly scraped by the threat actor, including their full names, email addresses, phone numbers, workplace information, and more. Users on the hacker forum can view the leaked samples for about $2 worth of forum credits, the threat actor was auctioning the much-larger 500 million user database for at least a 4-digit sum, worth of bitcoin or other cryptocurrencies.”

Title: 6-Year-Old Moodle Flaw Exposed Millions to Account Takeover Attack
Date Published: April 12, 2021

https://www.hackread.com/6-year-old-moodle-account-takeover-vulnerability/

Excerpt: “The vulnerability was discovered on 9th October 2020 however details of it were released last week. According to researchers, the platform was vulnerable for 6 years before being discovered and patched. Any university or school that used Moodle during that time with TeX filter enabled was at risk. TeX filter is mainly needed when sharing mathematical formulas so scientific or economics departments of universities will probably have TeX filter enabled.”

Title: How Ransomware Gangs Are Connected, Sharing Resources and Tactics
Date Published: April 12, 2021

https://blog.malwarebytes.com/ransomware/2021/04/how-ransomware-gangs-are-connected-and-sharing-resources-and-tactics/

Excerpt: “Many of us who read the news daily encounter a regular drum beat of ransomware stories that are both worrying and heartbreaking. And what many of us don’t realize is that they are often interconnected. Some of the gangs behind the ransomware campaigns that we read about have established a relationship among each other that can be described as “being in league with each other”, yet they lack certain elements that might cement their status as a true cartel in the digital underground world.”

Title: Over 90% of Organizations Hit by a Mobile Malware Attack in 2020
Date Published: April 12, 2021

https://www.infosecurity-magazine.com/news/over-90-of-organizations-mobile/

Excerpt: “Almost every global organization suffered at least one mobile malware attack in 2020, according to a new report from Check Point. The security vendor polled 1800 customers of its Harmony Mobile device threat protection product to compile its 2021 Mobile Security Report. Of the near-total number that faced a mobile attack last year, 93% of incidents originated in a device network, and were either phishing attempts (52%), C&C communication with malware already on the device (25%) or involved infected websites/URLs (23%).”

Title: FBI Arrests Man for Plan to Kill 70% Of Internet in AWS Bomb Attack
Date Published: April 9, 2021

https://www.bleepingcomputer.com/news/security/fbi-arrests-man-for-plan-to-kill-70-percent-of-internet-in-aws-bomb-attack/

Excerpt: “The FBI arrested a Texas man on Thursday for allegedly planning to “kill of about 70% of the internet” in a bomb attack targeting an Amazon Web Services (AWS) data center on Smith Switch Road in Ashburn, Virginia. Seth Aaron Pendley, 28, was charged via criminal complaint on Friday morning for attempting to destroy a building using C-4 plastic explosives he tried to buy from an undercover FBI employee.”

Title: Facebook Removes 16k Groups for Trading Fake Reviews
Date Published: April 9, 2021

https://www.infosecurity-magazine.com/news/facebook-groups-trading-fake/

Excerpt: “The CMA said on Friday that Facebook had taken down a further 16,000 groups that were dealing in fake and misleading reviews. The company has also changed the way it identifies, removes, and blocks from its platforms paid content that could mislead Facebook and Instagram users. “We have engaged extensively with the CMA to address this issue,” said a spokesperson for Facebook.”

Title: Hackers Hit 9 Countries, Expose 623,036 Payment Card Records
Date Published: April 8, 2021

https://www.scmagazine.com/home/security-news/cybercrime/hackers-hit-nine-countries-expose-623036-payment-card-records/

Excerpt: “The leaked data also included the victims’ nicknames, hashed passwords, contact details, history of activity, and current balance. The database also exposed all compromised data traded on the website: This included 623,036 payment card records issued by banks from the United States, Canada, the United Kingdom, China, Singapore, France, Brazil, Saudi Arabia, and Mexico. There were also 498 sets of online banking credentials and 69,592 sets of U.S. social security numbers and Canadian social insurance numbers.”

Title: US Blacklists 7 Chinese Supercomputer Entities
Date Published: April 9, 2021

https://www.bankinfosecurity.com/us-blacklists-7-chinese-supercomputer-entities-a-16371

Excerpt: “Citing national security concerns, the U.S. Department of Commerce this week placed seven Chinese supercomputer organizations on the Entity List, which effectively bars them from receiving supplies or components from American companies. Commerce Secretary Gina M. Raimondo notes that the high-performance computing technologies developed by these entities could be used in weapons of mass destruction programs.”
