December 1, 2021

Fortify Security Team

Title: Bad Actors in News Reporting: Tracking News Manipulation by State Actors
Date Published: December 1, 2021

https://www.rand.org/pubs/research_reports/RRA112-21.html

Excerpt: “COVID-19 offered authoritarian regimes, such as China and Russia, an opportunity to manipulate news media to serve state ends. Researchers conducted a scalable proof-of-concept study for detecting state-level news manipulation. Using a scalable infrastructure for harvesting global news media, and using machine-learning and data analysis workflows, the research team found that both Russia and China appear to have employed information manipulation during the COVID-19 pandemic in service to their respective global agendas.”

Title: Amazon Web Services, Crowdstrike and Presidio Partner for Ransomware Mitigation Kit
Date Published: December 1, 2021

https://www.zdnet.com/article/amazon-web-services-crowdstrike-and-presidio-partner-for-ransomware-mitigation-kit/

Excerpt: “The companies said the kit will provide “end-to-end white glove service to identify and protect against cyber threats, detect, and respond to risks as they occur and recover all critical data and applications prior to the breach.” Leveraging technology from CrowdStrike and CloudEndure, the kit offers enterprises visibility and breach protection across a range of digital assets, a beefed-up cloud security foundation, detection and attack prevention capabilities as well as response and attack mitigation tools.”

Title: NFT Support Scam, NFTishing
Date Published: December 1, 2021

https://guardyourdomain.com/nft-support-scam-nftishing/

Excerpt: “Scammers are impersonating NFT Marketplaces on Twitter and posing as the legitimate support Twitter account for these marketplaces, notably OpenSea. The scammers reply to individuals who need help and tell them to message the fake support account for assistance directly. In the DMs, this is where the nefarious activity goes down. The scammers instruct users to navigate to a fraudulent site which is a replica of the legitimate site. Users are told that in order to resolve their support inquiry, they need to “connect” or “sync” their wallet and are sent a link to the fraudulent site. Unbeknownst to the user, the process of “syncing” their wallet requires entering sensitive information on the fraudulent site.”

Title: Texas School District to Scan Children’s Devices
Date Published: December 1, 2021

https://www.infosecurity-magazine.com/news/texas-school-district-scan-devices/

Excerpt: “A school district in East Texas will start scanning digital devices used by its students to find out what they have been saying to and about one another. Longview Independent School District (Longview ISD) has partnered with technology and web-hosting company Gaggle to scour district-issued devices and student emails for a particular set of keywords. With Gaggle’s software, the keywords can be detected and reported to school administrators.”

Title: Rushed Digital Transformation Is Creating Security Risks
Date Published: December 1, 2021

https://medium.com/enterprise-nxt/rushed-digital-transformation-is-creating-security-risks-bc2e54216df7

Excerpt: “There have been contributing factors to the haste. “Naivete combined with being overwhelmed is not a good mix,” says Stevan Bernard, former senior security adviser for International SOS and now CEO of cybersecurity firm Bernard Global. “The pandemic put us in a survival mode. For those who previously had little to no dependence on digital, whether in their business or their personal lives, being connected suddenly became essential, even urgent”.”

Title: Exploiting Windows 2008 Server by Eternal Blue Vulnerability to perform Data breach attack using Metasploit Framework (MS17–010)
Date Published: December 1, 2021

https://medium.com/@pravisharodrigo7/exploiting-windows-2008-server-by-eternal-blue-vulnerability-to-perform-data-breach-attack-using-913e609914f

Excerpt: “MS17–010 or commonly known as “Eternal Blue vulnerability” was discovered by the National Security Agency (signal intelligence unit) of the United States of America. It was released because there were few testimonies from NSA employees, and it was leaked by the “shadow brokers” hacker group on April 14, 2017. A vulnerability that has been around for 4 years. It was then utilized for the famous “WannaCry” ransomware attack (the ransomware attack that crippled the whole UK hospital computer systems and later spread to the whole world).”

Title: State-Backed Hackers Increasingly Use RTF Injection for Phishing
Date Published: December 1, 2021

https://www.bleepingcomputer.com/news/security/state-backed-hackers-increasingly-use-rtf-injection-for-phishing/

Excerpt: “Rich Text Format (RTF) files are a document format created by Microsoft that can be opened using Microsoft Word, WordPad, and other applications found on almost all operating systems. When creating RTF files, you can include an RTF Template that specifies how the text in the document should be formatted. These templates are local files imported into an RTF viewer before displaying the contents of the file to format it correctly. While RTF Templates are meant to be hosted locally, threat actors are now abusing this legitimate functionality to retrieve a URL resource instead of a local file resource.”

Title: Deepfake Technology and Its Implications for the Future of Cyber-Attacks
Date Published: December 1, 2021

https://cybersecurity.att.com/blogs/security-essentials/deepfake-technology-and-its-implications-for-the-future-of-cyber-attacks

Excerpt: “Imagine receiving a call from your CEO, someone you have never personally met but have heard speak at a variety of town halls and e-mailed video correspondences. This call says they really appreciate your work, and wondered if you would do them a small favor. After a slight pause, they ask you to purchase some gift cards for an upcoming raffle from whatever local retailer is close to you. They assure you the company will reimburse you, and apologize for the inconvenience.”

Title: Mission “Patching Impossible” — Why ATM’s Every Vulnerability Is in Billions Worth
Date Published: December 1, 2021

https://medium.com/@prcooltechzone/mission-patching-impossible-why-atms-every-vulnerability-is-in-billions-worth-794f1dd85a48

Excerpt: “The first-ever logic attack was conducted in 2015 when payment terminals were attacked. The depositing money was emulated by malware, and then transactions were carried out from bank accounts to electronic money wallets. Such mechanisms are termed “Virtual cash acceptors,” where attackers learn about payment’s internal mechanisms and features. Recently, Kaspersky Lab revealed that a piece of malware that allows an attacker to control compromised ATMs remotely had been discovered after a Russian bank was targeted.”

Title: Behind the Man-in-the-Middle Attacks For Connected Cars: Real-Life Interception of Network Traffic Between Connected Car and Back-End Platforms
Date Published: December 1, 2021

https://navinfo-europe.medium.com/behind-the-man-in-the-middle-attacks-for-connected-cars-real-life-interception-of-network-traffic-824a6b16694c

Excerpt: “The danger that cyber-attacks, and MITM attacks in particular pose to the automotive industry can’t be underestimated. As technology in connected vehicles advances and becomes more sophisticated, so do the methods used by cyber criminals to attack or threaten victims worldwide. To tackle this, OEMs can rely on Penetration Testing (or pen-testing) which is performed by authorized professionals in order to exploit vulnerabilities in connected devices to determine whether malicious activity is possible. It allows organizations to gain deep insights on their system or vehicle’s possible vulnerabilities, comply with security standards, and verify staff awareness.”
