February 14, 2022

Fortify Security Team

Title: NFL’s San Francisco 49ers Hit by Blackbyte Ransomware Attack
Date Published: February 13, 2022

https://www.bleepingcomputer.com/news/security/nfls-san-francisco-49ers-hit-by-blackbyte-ransomware-attack/

Excerpt: “The NFL’s San Francisco 49ers team is recovering from a cyberattack by the BlackByte ransomware gang who claims to have stolen data from the American football organization. The 49ers confirmed the attack in a statement to BleepingComputer and said it caused a temporary disruption to portions of their IT network. While the 49ers did not confirm whether hackers successfully deployed the ransomware, they said they are still in the process of recovering systems, indicating that devices were likely encrypted.”

Title: Alleged Ransomware Attack Disrupted Operations at Slovenia’s Pop TV Station
Date Published: February 14, 2022

https://securityaffairs.co/wordpress/127987/cyber-crime/slovenias-pop-tv-station-ransomware.html

Excerpt: “Last week, a cyber-attack has disrupted the operations of Pop TV, the Slovenian most popular TV channel. The attack, which likely was a ransomware attack, impacted the computer network of the TV channel and caused the cancellation of the evening edition of 24UR daily news show. Slovenian news agency Zurnal24 reported that the POP TV hit from threat actors from abroad that attempted to extort money to the company to restore its systems.”

Title: Online Fraud Skyrocketing: Gaming, Streaming, Social media, Travel and Ecommerce Hit the Most
Date Published: February 14, 2022

https://www.helpnetsecurity.com/2022/02/14/fake-consumer-account/

Excerpt: “An Arkose Labs report is warning UK commerce that it faces its most challenging year ever. Experts analyzed over 150 billion transaction requests across 254 countries and territories in 2021 over 12 months to discover that there has been an 85% increase in login attacks and fake consumer account creation at businesses. Alongside this, it identified that one in four new online accounts created were fake. A further 21% of all traffic was confirmed as a fraudulent cyber attack.”

Title: Russia Shutters 3 Carding Markets, Including Trump’s Dumps
Date Published: February 14, 2022

https://www.bankinfosecurity.com/russia-shutters-3-carding-markets-including-trumps-dumps-a-18506

Excerpt: “Russian authorities have continued to arrest alleged administrators of multiple Russian-language cybercrime markets and communities. It’s not clear if the arrests are being made as part of any Moscow-ordered crackdown in response to demands by the White House that Russia better disrupt cybercriminals hitting foreign targets from inside the country’s borders. But earlier this month Ferum Shop and Sky-Fraud went dark, with their homepages being replaced by takedown notices posted by the Russian government’s Ministry of Internal Affairs’ Department K, which focuses on technology crime, says threat-intelligence firm Flashpoint.”

Title: Critical Magento 0-Day Vulnerability Under Active Exploitation — Patch Released
Date Published: February 13, 2022

https://thehackernews.com/2022/02/critical-magento-0-day-vulnerability.html

Excerpt: “Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild. Tracked as CVE-2022-24086, the shortcoming has a CVSS score of 9.8 out of 10 on the vulnerability scoring system and has been characterized as an “improper input validation” issue that could be weaponized to achieve arbitrary code execution.”

Title: Microsoft is Making it Harder to Steal Windows Passwords from Memory
Date Published: February 13, 2022

https://www.bleepingcomputer.com/news/microsoft/microsoft-is-making-it-harder-to-steal-windows-passwords-from-memory/

Excerpt: “Microsoft is enabling a Microsoft Defender ‘Attack Surface Reduction’ security rule by default to block hackers’ attempts to steal Windows credentials from the LSASS process. When threat actors compromise a network, they attempt to spread laterally to other devices by stealing credentials or using exploits. One of the most common methods to steal Windows credentials is to gain admin privileges on a compromised device and then dump the memory of the Local Security Authority Server Service (LSASS) process running in Windows.”

Title: European Central Bank Tells Banks to Step up Defences Against Nation-State Attacks
Date Published: February 14, 2022

https://securityaffairs.co/wordpress/128004/breaking-news/european-central-bank-warns-russia-cyberattacks.html

Excerpt: “The European Central Bank is warning banks of possible Russia-linked cyber attack amid the rising crisis with Ukraine and is inviting them to step up defenses. The news was reported by Reuters, citing two unnamed sources. The ECB pointed out that addressing cybersecurity is a top priority for the European agency. “The European Central Bank is telling euro zone banks zone to step up their defences against cyber attacks, also in the context of geopolitical tensions such as the stand-off between Russia and Ukraine, the ECB’s top supervisor said on Thursday.” reported Reuters. ECB warned that the rising risk from cyber attacks begun in 2020.”

Title: Using Mobile Networks for Cyber Attacks as Part of a Warfare Strategy
Date Published: February 14, 2022

https://www.helpnetsecurity.com/2022/02/14/weaponized-mobile-network/

Excerpt: “AdaptiveMobile Security published a research which highlights how vulnerabilities in mobile network infrastructure could be weaponized in offensive military operations. Setting out how the combination of military and mobile telecom-enabled targeting capabilities can create a battlefield advantage; the paper illustrates the consistency of such a model with the concept of hybrid warfare.”

Title: Spanish Police Arrest SIM Swappers Who Stole Money from Victims Bank Accounts
Date Published: February 14, 2022

https://thehackernews.com/2022/02/spanish-police-arrest-sim-swappers-who.html

Excerpt: “Spain’s National Police Agency, the Policía Nacional, said last week it dismantled an unnamed cybercriminal organization and arrested eight individuals in connection with a series of SIM swapping attacks that were carried out with the goal of financial fraud. The suspects of the crime ring masqueraded as trustworthy representatives of banks and other organizations and used traditional phishing and smishing techniques to obtain personal information and bank data of victims before draining money from their accounts.”

Title: Organizations Paid at least $602 Million to Ransomware Gangs in 2021
Date Published: February 13, 2022

https://securityaffairs.co/wordpress/127974/cyber-crime/ransomware-payments-600m-2021.html

Excerpt: “Last week, cybersecurity agencies from the U.K., the U.S. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. According to a report published by the blockchain analysis firm Chainalysis, organizations have paid $602 million in cryptocurrency during 2021. These figures represent a slight decrease compared to last year when organizations paid $692 million in cryptocurrency, but Chainalysis experts warn that other payments could be identified in the next weeks.”
