February 24, 2022

Fortify Security Team
Feb 24, 2022

Title: Network Hackers Focus on Selling High-Value Targets in the U.S.
Date Published: February 23, 2022

https://www.bleepingcomputer.com/news/security/network-hackers-focus-on-selling-high-value-targets-in-the-us/

Excerpt: “A Crowdstrike report looking into access brokers’ advertisements since 2019 has identified a preference in academic, government, and technology entities based in the United States. Initial access brokers are a vital link in the cybercrime chain, as these threat actors are devoted to breaching corporate networks for future attacks. These brokers then sell access to these networks to other cybercriminals who will do the “dirty” and more risky work of deploying malware, ransomware, move laterally, conduct espionage, etc.”

Title: US and UK Link New Cyclops Blink Malware to Russian State Hackers
Date Published: February 24, 2022

https://securityaffairs.co/wordpress/128340/malware/cyclops-blink-sandworm-malware.html

Excerpt: “US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).”

Title: Samsung Shattered Encryption on 100M Phones
Date Published: February 23, 2022

https://threatpost.com/samsung-shattered-encryption-on-100m-phones/178606/

Excerpt: “Samsung shipped an estimated 100 million smartphones with botched encryption, including models ranging from the 2017 Galaxy S8 on up to last year’s Galaxy S21. Researchers at Tel Aviv University found what they called “severe” cryptographic design flaws that could have let attackers siphon the devices’ hardware-based cryptographic keys: keys that unlock the treasure trove of security-critical data that’s found in smartphones.”

Title: 5 Held in Ukraine Over Phishing Scam With 70,000 Victims
Date Published: February 23, 2022

https://www.bankinfosecurity.com/5-held-in-ukraine-over-phishing-scam-70000-victims-a-18590

Excerpt: “The Ukrainian cyber police have arrested five individuals charged with stealing credit card data from at least 70,000 people, using 40 separate phishing sites. “The suspects deceived the victims with the help of phishing websites, which disguised themselves as mobile account replenishment services. The pre-determined amount of losses reaches five million hryvnias ($172,500). The perpetrators could face up to eight years in prison,” the Ukrainian cyber police say.”

Title: CISA Alerts on Actively Exploited Flaws in Zabbix Network Monitoring Platform
Date Published: February 24, 2022

https://thehackernews.com/2022/02/cisa-alerts-on-actively-exploited-flaws.html

Excerpt: “The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of two security flaws impacting Zabbix open-source enterprise monitoring platform, adding them to its Known Exploited Vulnerabilities Catalog. On top of that, CISA is also recommending that Federal Civilian Executive Branch (FCEB) agencies patch all systems against the vulnerabilities by March 8, 2022 to reduce their exposure to potential cyberattacks.”

Title: Ransomware Trained on Manufacturing Firms Led Cyberattacks in Industrial Sector
Date Published: February 23, 2022

https://www.darkreading.com/attacks-breaches/ransomware-trained-on-manufacturing-firms-led-cyberattacks-in-industrial-sector

Excerpt: “As industrial network operators and their security teams operate on high alert over worries of potential disruptive attacks by Russian nation-state-controlled hacking teams amid the escalating crisis in Ukraine and US sanctions on Russia, the reality for most of them has been a painful surge in ransomware attacks over the past year.”

Title: Citibank Phishing Baits Customers with Fake Suspension Alerts
Date Published: February 24, 2022

https://www.bleepingcomputer.com/news/security/citibank-phishing-baits-customers-with-fake-suspension-alerts/

Excerpt: “An ongoing large-scale phishing campaign is targeting customers of Citibank, requesting recipients to disclose sensitive personal details to lift alleged account holds. The campaign uses emails that feature CitiBank logos, sender addresses that look genuine at first glance, and content that is free of typos.”

Title: New Wiper Malware HermeticWiper Targets Ukrainian Systems
Date Published: February 24, 2022

https://securityaffairs.co/wordpress/128349/malware/wiper-malware-hermeticwipe-ukrain.html

Excerpt: “The threat of hybrid warfare is reality, Russia-linked APT group have supported the operations of the Russian army while preparing for the invasion. Researchers from cybersecurity firms ESET and Broadcom’s Symantec discovered a new data wiper malware that was employed in a recent wave of attacks that hit hundreds of machines in Ukraine.”

Title: Warning — Deadbolt Ransomware Targeting ASUSTOR NAS Devices
Date Published: February 24, 2022

https://thehackernews.com/2022/02/warning-deadbolt-ransomware-targeting.html

Excerpt: “ASUSTOR network-attached storage (NAS) devices have become the latest victim of Deadbolt ransomware, less than a month after similar attacks singled out QNAP NAS appliances. In response to the infections, the company has released firmware updates (ADM 4.0.4.RQO2) to “fix related security issues.” The company is also urging users to take the following actions to keep data secure –”

Title: Malware Infiltrates Microsoft Store via Clones of Popular Games
Date Published: February 24, 2022

https://www.bleepingcomputer.com/news/security/malware-infiltrates-microsoft-store-via-clones-of-popular-games/

Excerpt: “A malware named Electron Bot has found its way into Microsoft’s Official Store through clones of popular games such as Subway Surfer and Temple Run, leading to the infection of roughly 5,000 computers in Sweden, Israel, Spain, and Bermuda. The malware, spotted and analyzed by cyber-intelligence firm Check Point, is a backdoor that gives the adversaries complete control over compromised machines, supporting remote command execution and real-time interactions.”

Recent Posts

May 6, 2022

Title: Google Docs Crashes on Seeing "And. And. And. And. And." Date Published: May 6, 2022 https://www.bleepingcomputer.com/news/technology/google-docs-crashes-on-seeing-and-and-and-and-and/ Excerpt: “A bug in Google Docs is causing it to crash when a series of words...

May 5, 2022

Title: Tor Project Upgrades Network Speed Performance with New System Date Published: May 5, 2022 https://www.bleepingcomputer.com/news/security/tor-project-upgrades-network-speed-performance-with-new-system/ Excerpt: “The Tor Project has published details about a...

May 3, 2022

Title: Aruba and Avaya Network Switches are Vulnerable to RCE Attacks Date Published: May 3, 2022 https://www.bleepingcomputer.com/news/security/aruba-and-avaya-network-switches-are-vulnerable-to-rce-attacks/ Excerpt: “Security researchers have discovered five...

May 2, 2022

Title: U.S. DoD Tricked into Paying $23.5 Million to Phishing Actor Date Published: May 2, 2022 https://www.bleepingcomputer.com/news/security/us-dod-tricked-into-paying-235-million-to-phishing-actor/ Excerpt: “The U.S. Department of Justice (DoJ) has announced the...

April 29, 2022

Title: EmoCheck now Detects New 64-bit Versions of Emotet Malware Date Published: April 28, 2022 https://www.bleepingcomputer.com/news/security/emocheck-now-detects-new-64-bit-versions-of-emotet-malware/ Excerpt: “The Japan CERT has released a new version of their...

April 28, 2022

Title: New Bumblebee Malware Takes Over BazarLoader's Ransomware Delivery Date Published: April 28, 2022 https://www.bleepingcomputer.com/news/security/new-bumblebee-malware-takes-over-bazarloaders-ransomware-delivery/ Excerpt: “A newly discovered malware loader...

April 27, 2022

Title: Chinese State-Backed Hackers now Target Russian State Officers Date Published: April 27, 2022 https://www.bleepingcomputer.com/news/security/chinese-state-backed-hackers-now-target-russian-state-officers/ Excerpt: “Security researchers analyzing a phishing...