OSN April 16, 2021

Fortify Security Team
Apr 16, 2021

Title: Celsius Email System Suffers Security Breach
Date Published: April 16, 2021


Excerpt: “An April 15th update says that as an aftermath of the security breach, some Celsius customers have received emails and texts directing them to a malicious website masquerading as the Celsius platform. The posts claim the link would direct them to a new Celsius web wallet, claiming to offer $500 to users who create a wallet using the link.”

Title: Russia-Linked APT SVR Actively Targets These 5 Flaws
Date Published: April 16, 2021


Excerpt: “‘NSA, CISA, and FBI are aware that the United States Government, critical infrastructure (including Defense Industrial Base), and allied networks are consistently scanned, targeted, and exploited by Russian state-sponsored cyber actors. NSA, CISA, and FBI recommend that critical system owners prioritize the following mitigation actions to mitigate the loss of sensitive information that could impact U.S. policies, strategies, plans, ongoing operations, and competitive advantage.’ concludes the advisory.”

Title: Morpheus Turns a CPU Into a Rubik’s Cube to Defeat Hackers
Date Published: April 13, 2021


Excerpt: “A total of 10 vulnerabilities were uncovered among the five processors developed for SSITH, but none of those weak points were found in the University of Michigan processor, called Morpheus. Michigan professor of electrical engineering and computer science Todd Austin explained what makes Morpheus so puzzling for hackers to penetrate.”

Title: Compromising Operating Systems Through Fake Software Updates
Date Published: April 16, 2021


Excerpt: “As computer users become more virus-aware, malware authors are now attempting to dupe users into downloading their malicious software by masking it as a legitimate software update. Most users are aware that it is important to keep computer applications up to date in order to avoid being a victim of the malware.”

Title: Five Signs Ransomware Is Becoming an Industry
Date Published: April 16, 2021


Excerpt: “Not content with its innovative victim-pressuring tactics, the DarkSide ransomware gang has forged ahead with DarkSide Leaks, a professional-looking website that could well be that of an online service provider, and is using traditional marketing techniques. What follows are the five most illustrative examples of one gang’s transformation from an underground criminal group to an enterprise.”

Title: Malware and Scammers Are Now Targeting the Popular NFT Marketplace Rarible
Date Published: April 16, 2021


Excerpt: “A non-fungible token (NFT) is a unit of data stored on a digital ledger, called a blockchain, that certifies a digital asset to be unique and therefore not exchangeable. NFTs can be utilized to represent items such as photographs, videos, audio, and other types of digital files. Even if copies of these digital items are accessible for anyone to get, NFTs are tracked on blockchains to provide the owner with evidence of ownership.”

Title: Watchdog Thinks Google Tricked Australians Into Giving Up Data, Sues. Judge Semi-Agrees
Date Published: April 16, 2021


Excerpt: “For Google to not collect a device’s location data, the user needed to let their wishes be known in both the “Location History” and the “Web & App Activity” setting segments. In its case, which it first brought against the web search giant in July 2020, the Australian Competition and Consumer Commission (ACCC) had argued that Google did not adequately publicise the secondary setting requirement.”

Title: Lazarus BTC Changer. Back in Action With JS Sniffers Redesigned To Steal Crypto
Date Published: April 16, 2021


Excerpt: “In the last five years, JavaScript sniffers have grown into one of the most dangerous threats for e-commerce businesses. The simple nature of such attacks combined with the use of malicious JavaScript code for intercepting payment data attract more and more cybercriminals, and JS-sniffers became one of the most prominent sources of stolen bank cards on underground markets. However, in one recent campaign we saw a big step forward in attacks on e-commerce websites involving JS-sniffers.”

Title: Gafgyt Botnet Lifts DDoS Tricks from Mirai
Date Published: April 15, 2021


Excerpt: “Gafgyt (a.k.a. Bashlite) is a botnet that was first uncovered in 2014. It targets vulnerable internet of things (IoT) devices like Huawei routers, Realtek routers and ASUS devices, which it then uses to launch large-scale distributed denial-of-service (DDoS) attacks. It also often uses known vulnerabilities such as CVE-2017-17215 and CVE-2018-10561 to download next-stage payloads to infected devices.”

Title: PhishGun: How Phishing Attacks From Services Like Mailgun Bypass Microsoft 365 Security
Date Published: April 16, 2021


Excerpt: “In a span of four days, Avanan researchers saw more than 3,000 distinct phishing campaigns coming from IP addresses belonging to Mailgun. What’s unique about Mailgun that makes it a very compelling phishing platform for hackers is that the service allows users to set a different field in the “From” and “Sender” fields of the email headers. This is one way the attack confuses and gets past Microsoft. This is excellent for carrying out impersonation attacks.”
