OSN June 10, 2021

Fortify Security Team
Jun 10, 2021

Title: Emerging Ransomware Targets Dozens of Businesses Worldwide
Date Published: June 10, 2021


Excerpt: “First observed in February 2021, “Prometheus” is an offshoot of another well-known ransomware variant called Thanos, which was previously deployed against state-run organizations in the Middle East and North Africa last year. The affected entities are believed to be government, financial services, manufacturing, logistics, consulting, agriculture, healthcare services, insurance agencies, energy and law firms in the U.S., U.K., and a dozen more countries in Asia, Europe, the Middle East, and South America, according to new research published by Palo Alto Networks’ Unit 42 threat intelligence team.”

Title: Meatpacking Organization JBS Pays $11 Million to REvil Ransomware Hackers
Date Published: June 10, 2021


Excerpt: “After analyzing the available information, my boss came to the conclusion that the transfer of files will take place only after payment. As stated by JBS, it was essential for them to receive the ransomware decryptor to decrypt two specific databases as the rest of the data was being restored from backups. The two parties eventually agreed to an $11 million payment made in cryptocurrency and sent the same day the negotiation started. Following the payment, the REvil ransomware gang gave JBS the decryptor.”

Title: Researchers Create an UNHackable Quantum Network Over Hundreds of Kilometers Using Optical Fiber
Date Published: June 10, 2021


Excerpt: “But in order to communicate, quantum devices need to send and receive qubits – tiny particles that exist in a special, but extremely fragile, quantum state. Finding the best way to transmit qubits without having them fall from their quantum state has got scientists around the world scratching their heads for many years. One approach consists of shooting qubits down optical fibers that connect quantum devices. The method has been successful but is limited in scale: small changes in the environment, such as temperature fluctuations, cause the fibers to expand and contract, and risk messing with the qubits.”

Title: AL Jazeera Media Network Exposed to Cyberattacks Endeavoring to Disrupt Its Services
Date Published: June 10, 2021


Excerpt: “Qatar’s Al Jazeera Media Network declared in a statement on Wednesday it was exposed to a succession of cyberattacks to penetrate some of its platforms and websites between June 5 and 8, 2021. Al Jazeera is a Qatari government-funded international Arabic news channel based in Doha, Qatar that is operated by the media conglomerate Al Jazeera Media Network. The channel is a flagship of the media conglomerate and hence, is the only single offering to carry the name as simply “Al Jazeera” in its branding.”

Title: Russia-Linked APT Breached the Network of Dutch Police in 2017
Date Published: June 10, 2021


Excerpt: “The hackers exploited a vulnerability in an “exotic software” to compromise a server of the Dutch Police Academy, then they made lateral movements to access other systems into the main Dutch police network. The intrusion was uncovered by the Dutch intelligence service AIVD, the government experts discovered that a Dutch police IP address was connecting to servers operated by Russia-linked APT. According to sources of the Volkskrant, the attack was conducted by the Russia-linked APT29 (aks SVR, Cozy Bear, and The Dukes). APT29 along with APT28 cyber espionage group was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections.”

Title: FBI: BEC Scammers Now Impersonate Construction Companies
Date Published: June 10, 2021


Excerpt: “The Federal Bureau of Investigation has recently warned that scammers are now posing as construction companies in business email compromise (BEC) attacks. The threat actors are targeting organizations from multiple U.S. critical infrastructure sectors. BEC fraud is a scheme used by cybercriminals to gain access to a legitimate business email through social engineering or computer intrusion to impersonate an employee – often someone who can authorize payments – and instructs others in the company to transfer funds on their behalf.”

Title: Chrome Zero-Day, Hot on the Heels of Microsoft’s Ie Zero-Day. Patch Now!
Date Published: June 10, 2021


Excerpt: “This bug is listed as a “type confusion in V8“, where V8 is the part of Chrome that runs JavaScript code, and type confusion means that you can feed V8 one sort of data item but trick JavaScript into handling it as if it were something else, possibly bypassing security checks or running unauthorized code as a result. For example, if your code is doing JavaScript calculations on a data object that has a memory block of 16 bytes allocated to it, but you can trick the JavaScript interpreter into thinking that you are working on an object that uses 1024 bytes of memory, you can probably end up sneakily writing data outside the official 16-byte allocation, thus pulling off a buffer overflow attack.”

Title: Building a Webauthn Click Farm — Are Captchas Obsolete?
Date Published: June 10, 2021


Excerpt: “If an attacker has automated attacks (e.g. DDOS, mass goods purchasing, etc.) that need to bypass the attestation of personhood this is a reliable way to do it with relatively low cost and effort. For a few hours of work and a hundred dollars of hardware keys, an attacker could make a reusable system that could support theoretically limitless automated requests that could successfully bypass the challenge.”

Title: U.S. Department of Defense Awards Contract to Lookingglass Cyber Solutions
Date Published: June 10, 2021


Excerpt: “LookingGlass scoutSuite synthesizes vast amounts of global internet data with threat actor capabilities and motivations to provide a robust threat modeling environment that can quickly process, prioritize, and operationalize threat intelligence and indicators of compromise. The quantity and quality of data in the platform enables it to support multiple cybersecurity use cases.”

Title: What to Know About Updates to the PCI Secure Software Standard
Date Published: June 9, 2021


Excerpt: “On April 29, 2021, the PCI Council announced an update to the Secure Software Standard, which defines the criteria for various types of payment software for evaluation and listing. The PCI Council made several clarifications to controls within the standard, added additional guidance to a couple of sections, and added its new module specific to Terminal Software Requirements, which applies to software intended for deployment and execution on payment terminals. ”

Recent Posts

June 10, 2022

Title: Bizarre Ransomware Sells Decryptor on Roblox Game Pass Store Date Published: June 9, 2022 https://www.bleepingcomputer.com/news/security/bizarre-ransomware-sells-decryptor-on-roblox-game-pass-store/ Excerpt: “A new ransomware is taking the unusual approach of...

June 9, 2022

Title: New Symbiote Malware Infects all Running Processes on Linux Systems Date Published: June 9, 2022 https://www.bleepingcomputer.com/news/security/new-symbiote-malware-infects-all-running-processes-on-linux-systems/ Excerpt: “A newly discovered Linux malware known...

June 8, 2022

Title: Surfshark, ExpressVPN pull out of India Over Data Retention Laws Date Published: June 7, 2022 https://www.bleepingcomputer.com/news/legal/surfshark-expressvpn-pull-out-of-india-over-data-retention-laws/ Excerpt: “Surfshark announced today they are shutting down...

June 6, 2022

Title: Italian City of Palermo Shuts Down all Systems to Fend off Cyberattack Date Published: June 6, 2022 https://www.bleepingcomputer.com/news/security/italian-city-of-palermo-shuts-down-all-systems-to-fend-off-cyberattack/ Excerpt: “The municipality of Palermo in...

June 3, 2022

Title: Critical Atlassian Confluence Zero-Day Actively Used in Attack Date Published: June 2, 2022 https://www.bleepingcomputer.com/news/security/critical-atlassian-confluence-zero-day-actively-used-in-attacks/ Excerpt: “Hackers are actively exploiting a new Atlassian...

June 2, 2022

Title: Conti Ransomware Targeted Intel Firmware for Stealthy Attacks Date Published: June 2, 2022 https://www.bleepingcomputer.com/news/security/conti-ransomware-targeted-intel-firmware-for-stealthy-attacks/ Excerpt: “Researchers analyzing the leaked chats of the...

June 1, 2022

Title: Ransomware Attacks Need Less Than Four Days to Encrypt Systems Date Published: June 1, 2022 https://www.bleepingcomputer.com/news/security/ransomware-attacks-need-less-than-four-days-to-encrypt-systems/ Excerpt: “The duration of ransomware attacks in 2021...