February 22, 2022

Fortify Security Team

Title: Cookware Giant Meyer Discloses Cyberattack that Impacted Employees
Date Published: February 21, 2022

https://www.bleepingcomputer.com/news/security/cookware-giant-meyer-discloses-cyberattack-that-impacted-employees/

Excerpt: “Meyer Corporation, the largest cookware distributor in the U.S., and the second-largest globally, has informed U.S. Attorney General offices of a data breach affecting thousands of its employees. According to the notification letter shared with the U.S. Attorney General offices of Maine and California, Meyer fell victim to a cyberattack on October 25, 2021. In response, the firm launched an investigation that was concluded on December 1, 2021, revealing that threat actors gained access to personal information belonging to employees of Meyer and its subsidiaries.”

Title: A Cyber Attack Heavily Impacted Operations of Expeditors International
Date Published: February 22, 2022

https://securityaffairs.co/wordpress/128268/hacking/expeditors-international-cyber-attack.html

Excerpt: “Expeditors company has over 18,000 employees worldwide and has annual gross revenue of around $10 billion. The company discovered the attack on February 20, 2022, it doesn’t provide details about the attack and announced to have launched an investigation into the incident.”

Title: Social Media Attacks Surged in 2021, Financial Institutions Targeted the Most
Date Published: February 21, 2022

https://www.helpnetsecurity.com/2022/02/21/social-media-attacks-2021/

Excerpt: “Social media as a threat channel saw a two-fold increase in attacks throughout 2021, according to a report from PhishLabs. In Q4 and throughout 2021, PhishLabs analysed hundreds of thousands of phishing and social media attacks targeting enterprises, their employees, and brands. The report provides an analysis of the latest findings and insights into key trends shaping the threat landscape.”

Title: NFT Investors Lose $1.7M in OpenSea Phishing Attack
Date Published: February 21, 2022

https://threatpost.com/nft-investors-lose-1-7m-in-opensea-phishing-attack/178558/

Excerpt: “Over the weekend, hackers stole millions of dollars worth of non-fungible tokens (NFTs) belonging to 17 members of the OpenSea NFT marketplace. On Saturday, a small number of OpenSea users noticed their NFTs were missing. (NFTs are digital tokens on the blockchain that represent ownership over virtual assets, such as digital drawings or music.)”

Title: Revamped CryptBot Malware Spread by Pirated Software Sites
Date Published: February 21, 2022

https://www.bleepingcomputer.com/news/security/revamped-cryptbot-malware-spread-by-pirated-software-sites/

Excerpt: “A new version of the CryptBot info stealer was seen in distribution via multiple websites that offer free downloads of cracks for games and pro-grade software. CryptBot is a Windows malware that steals information from infected devices, including saved browser credentials, cookies, browser history, cryptocurrency wallets, credit cards, and files.”

Title: As Russia Invades Ukraine, Cyber Escalation Threat Looms
Date Published: February 22, 2022

https://www.bankinfosecurity.com/as-russia-invades-ukraine-cyber-escalation-threat-looms-a-18575

Excerpt: “Russian troops have entered Ukraine. But it’s not clear if that military incursion alone will trigger strong sanctions by the U.S. and NATO allies, or be backed by cyberattacks that target Ukraine or its allies.”

Title: New Android Banking Trojan Spreading via Google Play Store Targets Europeans
Date Published: February 21, 2022

https://thehackernews.com/2022/02/xenomorph-android-banking.html

Excerpt: “A new Android banking trojan with over 50,000 installations has been observed distributed via the official Google Play Store with the goal of targeting 56 European banks and carrying out harvesting sensitive information from compromised devices. Dubbed Xenomorph by Dutch security firm ThreatFabric, the in-development malware is said to share overlaps with another banking trojan tracked under the moniker Alien while also being “radically different” from its predecessor in terms of the functionalities offered.”

Title: Police Bust Phishing Group that Used 40 Sites to Steal Credit Cards
Date Published: February 22, 2022

https://www.bleepingcomputer.com/news/security/police-bust-phishing-group-that-used-40-sites-to-steal-credit-cards/

Excerpt: “The Ukrainian cyberpolice have arrested a group of phishing actors who managed to steal payment card data from at least 70,000 people after luring them to fake mobile service top up sites. According to the announcement from law enforcement, the actors used the stolen information to empty their victims’ bank accounts.”

Title: China-linked APT10 Target Taiwan’s Financial Trading Industry
Date Published: February 22, 2022

https://securityaffairs.co/wordpress/128273/apt/apt10-targets-taiwan-financial-trading.html

Excerpt: “The campaign was launched by the APT10 group started in November 2021, but it hit a peak between 10 and 13 2022, Taiwanese cybersecurity firm CyCraft reported. The group (also known as Cicada, Stone Panda, MenuPass group, Bronze Riverside, and Cloud Hopper) has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper, targeting managed service providers (MSPs) in multiple countries worldwide. In November 2020, researchers uncovered a large-scale campaign conducted by China-linked APT10 targeting businesses using the recently-disclosed ZeroLogon vulnerability.”

Title: Hackers Backdoor Unpatched Microsoft SQL Database Servers with Cobalt Strike
Date Published: February 21, 2022

https://thehackernews.com/2022/02/hackers-backdoor-unpatched-microsoft.html

Excerpt: “Vulnerable internet-facing Microsoft SQL (MS SQL) Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike adversary simulation tool on compromised hosts. “Attacks that target MS SQL servers include attacks to the environment where its vulnerability has not been patched, brute forcing, and dictionary attack against poorly managed servers,” South Korean cybersecurity company AhnLab Security Emergency Response Center (ASEC) said in a report published Monday.”
