OSN October 29, 2021

Fortify Security Team
Oct 29, 2021

Title: Footprinting and Reconnaissance using Windows OS

Date Published: October 29, 2021

https://medium.com/@the_harvester/footprinting-and-reconnaissance-using-windows-os-36760fb47870

Excerpt: “This blog is in continuation previous blog on footprinting and reconnaissance. Previously you understood how to do footprinting with the help of Windows OS. In this blog I am going to show how footprinting can be performed with the help of Linux OS. Attention Future Hackers It is mandatory to have a Kali Linux (Parrot OS works too). None other linux distro should be used, because the tools and commands I am going to discuss are installed beforehand in the Kali Linux. In other distros you will have to additionally download and install the packages from internet and various dependencies too. You are understanding the concepts of hacking, so it is mandatory for you to have Kali linux at least.”

Title: Schreiber Foods Back To Normal After Ransomware Attack Shuts Down Milk Plants

Date Published: October 29, 2021

https://www.zdnet.com/article/schreiber-foods-back-to-normal-after-ransomware-attack-shut-down-milk-plants/

Excerpt: “The food production giant became the latest critical industry company to be hit with ransomware in recent months as cybercriminals continue to show little fear in attacking a variety of industries. Schreiber Foods mostly focuses on yogurt, processed and natural cheese as well as cream cheese. Andrew Tobisch, director of communications for Schreiber Foods, told ZDNet that the “cyber event” impacted their systems starting on Friday and lasting through the weekend. “That meant our plants and distribution centers couldn’t use those systems, which they need to run. It impacted all of our locations, but fortunately, we have a specialized response team that immediately jumped into action and began working to resolve the matter,” Tobisch said.”

Title: Ransomware: Police Sting Targets Suspects Behind 1,800 Attacks That ‘Wreaked Havoc Across the World’

Date Published: October 29, 2021

https://www.zdnet.com/article/ransomware-police-sting-targets-suspects-behind-1800-attacks-that-wreaked-havoc-across-the-world/

Excerpt: “A statement by Europol describes the 12 suspects in Ukraine and Switzerland as “high-value targets” responsible for “wreaking havoc across the world” by distributing LockerGoga, MegaCortex, Dharma and other ransomware attacks against organizations in 71 countries.

But it’s unclear if the individuals have been arrested or charged – a Europol spokesperson told ZDNet that “the judicial process is ongoing. The suspects are believed to have various different roles in “aggressive” criminal organizations responsible for encrypting networks with ransomware and demanding a payment in exchange for the decryption key”.”

Title: New ‘Shrootless’ Bug Could Let Attackers Install Rootkit on macOS Systems

Date Published: October 29, 2021

https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

Excerpt: “Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security solutions. Dubbed “Shrootless” and tracked as CVE-2021-30892, the “vulnerability lies in how Apple-signed packages with post-install scripts are installed,” Microsoft 365 Defender Research Team’s Jonathan Bar Or said in a technical write-up. “A malicious actor could create a specially crafted file that would hijack the installation process”.”

Title: Sugar Daddy Scams Promise Weekly Payments to Young Women

Date Published: October 29, 2021

https://blog.avast.com/sugar-daddy-scams-avast

Excerpt: “I’m a young woman in my 20s and am an active Instagram user. Recently, I was scrolling through my Instagram feed and received a notification about a new direct message request. I saw an older man pictured in the channel’s photo.  The direct message read, “Hey my name is Walker and I am looking for a sugar baby. I would like to pay you 1,500 Euro weekly.” Although this came across as an obvious scam attempt, I got curious. So I responded.”

Title: Data Breach at University of Colorado

Date Published: October 29, 2021

https://www.infosecurity-magazine.com/news/data-breach-university-colorado/

Excerpt: “An American university is notifying thousands of former and current students that their personal information may have been compromised during a recent data breach. In a security notice issued October 25, the University of Colorado Boulder (CU Boulder) attributed the breach to an unpatched vulnerability in software provided by a third-party vendor, Atlassian Corporation Plc. Atlassian is an Australian software company headquartered in Sydney that develops products for software developers, project managers and other software development teams.”

Title: Google Fixes Two High-severity Zero-day Flaws in Chrome

Date Published: October 29, 2021

https://www.zdnet.com/article/google-fixes-two-high-severity-zero-day-flaws-in-chrome/

Excerpt: “Google disclosed that it had patched the two high-severity zero-day flaws in release notes for the stable release of Chrome version 95.0.4638.69 for Windows, Mac and Linux. Any version number higher than that will have the fixes. It’s a good idea to check out Google’s support page for Chrome updates, which explains how Chrome can be set to automatically update when patches become available. Otherwise, Chrome has an ‘Update’ button that is coloured red if an update is at least a week old, indicating that it should be installed.”

Title: Forrester Predicts Mass Cybersecurity Brain Drain

Date Published: October 29, 2021

https://www.infosecurity-magazine.com/news/forrester-predicts-mass/

Excerpt: “Some of this may be part of what’s being dubbed the “Great Resignation” — a period of post-pandemic reflection leading many individuals to change career paths. Forrester also pointed to a Chartered Institute of Information Security study from last year, revealing that 54% of respondents had either left a job due to overwork or burnout or have worked with someone who has. A more recent study from the same organization claimed that over half (51%) of cybersecurity professionals are kept up at night by the stress of the job.”

Title: Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam

Date Published: October 28, 2021

https://threatpost.com/teen-rakes-in-2-74m-worth-of-bitcoin-in-phishing-scam/175834/

Excerpt: “During the early days of the pandemic, while the rest of the world was stress streaming and working on sourdough starter, an ambitious teen stuck in his bedroom decided to set up a fake “Love2Shop” gift card site to harvest people’s payment information, invest the stolen money in cryptocurrency and become a millionaire. The intrepid 17-year-old in the U.K. collected just under $9,000 before the real Love2Shop caught on when customers started to complain, according to a local report from Lincolnshire Live. The boy’s name is being withheld because he’s a juvenile.”

Title: Misconfigured Database Leaks 880 Million Medical Records

Date Published: October 29, 2021

https://www.infosecurity-magazine.com/news/misconfigured-database-leaks-880-m/

Excerpt: “The non-password-protected data trove was found by Jeremiah Fowler and Website Planet and traced to healthcare AI firm Deep 6 AI, which fixed the privacy snafu promptly after it was responsibly disclosed. Deep 6 AI applies intelligent algorithms to medical data to help find patients for clinical trials within minutes. The exposed data included date, document type, physician note, encounter IDs, patient ID, note, UUID, patient type, note ID, date of service, note type, and detailed note text.”

Recent Posts

OSN November 2, 2021

Title: Possible Cyber Attack Hits ‘Brain’ of N.L. Health-care System, Delaying Thousands of Appointments Date Published: November 1, 2021 cbc.ca/news/canada/newfoundland-labrador/health-services-it-outage-update-nov-1-1.6232426 Excerpt: "A cyberattack appears to be...

OSN November 1, 2021

Title: New 'Trojan Source' Technique Lets Hackers Hide Vulnerabilities in Source Code Date Published: November 1, 2021 https://thehackernews.com/2021/11/new-trojan-source-technique-lets.html Excerpt: "A novel class of vulnerabilities could be leveraged by threat...

OSN October 28, 2021

Title: Ransomware Gangs Use SEO Poisoning To Infect Visitors Date Published: October 28, 2021 https://www.bleepingcomputer.com/news/security/ransomware-gangs-use-seo-poisoning-to-infect-visitors/ Excerpt: "According to the findings of the Menlo Security team, SEO...

OSN August 31, 2021

Title: Cyberattacks Use Office 365 to Target Supply Chain Date Published: August 31, 2021 https://securityintelligence.com/articles/cyberattacks-office-365-supply-chain/ Excerpt: “Supply chain cyberattacks involving Office 365 are effective in that they enable threat...

OSN August 30, 2021

Title: New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305) Date Published: August 30, 2021 https://unit42.paloaltonetworks.com/cve-2021-32305-websvn/ Excerpt: “Analysis of this malware reveals that it is used to perform distributed denial...

OSN August 27, 2021

Title: Microsoft Azure Vulnerability Exposed Thousands of Cloud Databases Date Published: August 27, 2021 https://www.cyberscoop.com/microsoft-azure-cloud-vulnerability/ Excerpt: “The flaw would have allowed any Azure Cosmos DB user to read, write and delete another...

OSN August 26, 2021

Title: Microsoft Breaks Silence on Barrage of ProxyShell Attacks Date Published: August 26, 2021 https://threatpost.com/microsoft-barrage-proxyshell-attacks/168943/ Excerpt: “The company released an advisory late Wednesday letting customers know that threat actors may...