February 14, 2022

Fortify Security Team

Title: NFL’s San Francisco 49ers Hit by Blackbyte Ransomware Attack
Date Published: February 13, 2022


Excerpt: “The NFL’s San Francisco 49ers team is recovering from a cyberattack by the BlackByte ransomware gang who claims to have stolen data from the American football organization. The 49ers confirmed the attack in a statement to BleepingComputer and said it caused a temporary disruption to portions of their IT network. While the 49ers did not confirm whether hackers successfully deployed the ransomware, they said they are still in the process of recovering systems, indicating that devices were likely encrypted.”

Title: Alleged Ransomware Attack Disrupted Operations at Slovenia’s Pop TV Station
Date Published: February 14, 2022


Excerpt: “Last week, a cyber-attack disrupted the operations of Pop TV, Slovenia’s most popular TV channel. The attack, which likely was a ransomware attack, impacted the computer network of the TV channel and caused the cancellation of the evening edition of the 24UR daily news show. Slovenian news agency Zurnal24 reported that POP TV was hit by threat actors from abroad that attempted to extort money from the company to restore its systems.”

Title: Online Fraud Skyrocketing: Gaming, Streaming, Social media, Travel and Ecommerce Hit the Most
Date Published: February 14, 2022


Excerpt: “An Arkose Labs report is warning UK commerce that it faces its most challenging year ever. Experts analyzed over 150 billion transaction requests across 254 countries and territories in 2021 over 12 months to discover that there has been an 85% increase in login attacks and fake consumer account creation at businesses. Alongside this, it identified that one in four new online accounts created were fake. A further 21% of all traffic was confirmed as a fraudulent cyber attack.”

Title: Russia Shutters 3 Carding Markets, Including Trump’s Dumps
Date Published: February 14, 2022


Excerpt: “Russian authorities have continued to arrest alleged administrators of multiple Russian-language cybercrime markets and communities. It’s not clear if the arrests are being made as part of any Moscow-ordered crackdown in response to demands by the White House that Russia better disrupt cybercriminals hitting foreign targets from inside the country’s borders. But earlier this month Ferum Shop and Sky-Fraud went dark, with their homepages being replaced by takedown notices posted by the Russian government’s Ministry of Internal Affairs’ Department K, which focuses on technology crime, says threat-intelligence firm Flashpoint.”

Title: Critical Magento 0-Day Vulnerability Under Active Exploitation — Patch Released
Date Published: February 13, 2022


Excerpt: “Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild. Tracked as CVE-2022-24086, the shortcoming has a CVSS score of 9.8 out of 10 on the vulnerability scoring system and has been characterized as an “improper input validation” issue that could be weaponized to achieve arbitrary code execution.”

Title: Microsoft is Making it Harder to Steal Windows Passwords from Memory
Date Published: February 13, 2022


Excerpt: “Microsoft is enabling a Microsoft Defender ‘Attack Surface Reduction’ security rule by default to block hackers’ attempts to steal Windows credentials from the LSASS process. When threat actors compromise a network, they attempt to spread laterally to other devices by stealing credentials or using exploits. One of the most common methods to steal Windows credentials is to gain admin privileges on a compromised device and then dump the memory of the Local Security Authority Server Service (LSASS) process running in Windows.”

Title: European Central Bank Tells Banks to Step up Defences Against Nation-State Attacks
Date Published: February 14, 2022


Excerpt: “The European Central Bank is warning banks of a possible Russia-linked cyber attack amid the rising crisis with Ukraine and is inviting them to step up defenses. The news was reported by Reuters, citing two unnamed sources. The ECB pointed out that addressing cybersecurity is a top priority for the European agency. “The European Central Bank is telling euro zone banks to step up their defences against cyber attacks, also in the context of geopolitical tensions such as the stand-off between Russia and Ukraine, the ECB’s top supervisor said on Thursday,” reported Reuters. ECB warned that the rising risk from cyber attacks began in 2020.”

Title: Using Mobile Networks for Cyber Attacks as Part of a Warfare Strategy
Date Published: February 14, 2022


Excerpt: “AdaptiveMobile Security published research which highlights how vulnerabilities in mobile network infrastructure could be weaponized in offensive military operations. Setting out how the combination of military and mobile telecom-enabled targeting capabilities can create a battlefield advantage, the paper illustrates the consistency of such a model with the concept of hybrid warfare.”

Title: Spanish Police Arrest SIM Swappers Who Stole Money from Victims Bank Accounts
Date Published: February 14, 2022


Excerpt: “Spain’s National Police Agency, the Policía Nacional, said last week it dismantled an unnamed cybercriminal organization and arrested eight individuals in connection with a series of SIM swapping attacks that were carried out with the goal of financial fraud. The suspects of the crime ring masqueraded as trustworthy representatives of banks and other organizations and used traditional phishing and smishing techniques to obtain personal information and bank data of victims before draining money from their accounts.”

Title: Organizations Paid at least $602 Million to Ransomware Gangs in 2021
Date Published: February 13, 2022


Excerpt: “Last week, cybersecurity agencies from the U.K., the U.S. and Australia published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. According to a report published by the blockchain analysis firm Chainalysis, organizations have paid $602 million in cryptocurrency during 2021. These figures represent a slight decrease compared to last year when organizations paid $692 million in cryptocurrency, but Chainalysis experts warn that other payments could be identified in the next weeks.”
