March 1, 2022

Fortify Security Team

Title: Reality Winner’s Twitter Account was Hacked to Target Journalists
Date Published: March 1, 2022

https://www.bleepingcomputer.com/news/security/reality-winners-twitter-account-was-hacked-to-target-journalists/

Excerpt: “Twitter account of former intelligence specialist, Reality Winner was hacked over the weekend by threat actors looking to target journalists at prominent media organizations. Hackers took over Winner’s verified Twitter account and changed the profile name to “Feedback Team” to impersonate Twitter staff before sending out suspicious DMs to verified users.”

Title: Anonymous Hit Russian Nuclear Institute and Leak Stolen Data
Date Published: February 28, 2022

https://securityaffairs.co/wordpress/128527/hacktivism/anonymous-hit-russian-nuclear-institute.html

Excerpt: “Anonymous and numerous hacker groups linked to the popular collective continue to launch cyber attacks against Russian and Belarussian government organizations and private businesses. In the last few days massive DDoS attacks have taken offline numerous websites of Russian government entities, including the Duma and Ministry of Defense.”

Title: Microsoft Accounts Targeted by Russian-Themed Credential Harvesting
Date Published: March 1, 2022

https://threatpost.com/microsoft-accounts-targeted-russian-credential-harvesting/178698/

Excerpt: “While legitimate concerns abound about the Russian-Ukrainian conflict sparking a far-reaching cyberwarfare conflagration around the globe, small-time crooks are also ramping up their efforts amid the crisis. Phishing emails to Microsoft users warning of Moscow-led account hacking have started to make the rounds, looking to lift credentials and other personal details.”

Title: Lack of Visibility Plaguing ICS Environments
Date Published: March 1, 2022

https://www.helpnetsecurity.com/2022/03/01/cyber-threats-ics-ot/

Excerpt: “Dragos released its report on cyber threats facing industrial organizations, naming the emergence of three new threat groups targeting ICS/OT environments, including two that have gained access into the OT systems of industrial organizations.”

Title: Anonymous Extends Its Russian Cyberwar to State-Run Media
Date Published: February 28, 2022

https://www.bankinfosecurity.com/anonymous-extends-its-russian-cyberwar-to-state-run-media-a-18631

Excerpt: “As Russia continues its invasion of Ukraine, Western governments and certain hacktivists remain steadfast in their opposition. The international hacktivist collective Anonymous says on social media that it has successfully hacked websites connected to the Russian government, state media and banks.”

Title: Microsoft Finds FoxBlade Malware Hit Ukraine Hours Before Russian Invasion
Date Published: March 1, 2022

https://thehackernews.com/2022/03/microsoft-finds-foxblade-malware-hit.html

Excerpt: “Microsoft on Monday disclosed that it detected a new round of offensive and destructive cyberattacks directed against Ukraine’s digital infrastructure hours before Russia launched its first missile strikes last week. The intrusions involved the use of a never-before-seen malware package dubbed FoxBlade, according to the tech giant’s Threat Intelligence Center (MSTIC), noting that it added new signatures to its Defender anti-malware service to detect the exploit within three hours of the discovery.”

Title: OCR Director Urges Providers to Strengthen Cyber Posture, Risk Management
Date Published: February 28, 2022

https://www.scmagazine.com/analysis/asset-management/ocr-director-urges-providers-to-strengthen-cyber-posture-risk-management

Excerpt: “Office for Civil Rights Director Lisa Pino is urging all healthcare delivery organizations and business associates to prioritize cybersecurity, risk management and patient privacy, a key concern for the Department of Health and Human Services.”

Title: Toyota Halts Production After Suspected Supply Chain Attack
Date Published: February 28, 2022

https://www.darkreading.com/attacks-breaches/toyota-halts-production-after-suspected-supply-chain-attack

Excerpt: “Japanese automobile giant Toyota says it will halt production at all 28 lines of its 14 plants in Japan starting March 1, after a “system failure” at a supplier caused problems with its just-in-time production control system.”

Title: Microsoft: Windows Domain Controller Restarts Caused by LSASS Crashes
Date Published: March 1, 2022

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-domain-controller-restarts-caused-by-lsass-crashes/

Excerpt: “Microsoft shared info on a now-fixed known issue leading to Local Security Authority Subsystem Service (LSASS) crashes and Windows Server domain controller restarts. The LSASS Windows service is responsible for enforcing security policies, and it is used to handle access token creation, password changes, and user logins.”

Title: CISA and FBI Warn of Potential Data Wiping Attacks Spillover
Date Published: March 1, 2022

https://securityaffairs.co/wordpress/128534/malware/cisa-and-fbi-warn-of-potential-data-wiping-attacks-spillover.html

Excerpt: “The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory to warn US organizations of data wiping attacks targeting Ukraine that could hit targets worldwide. The advisory warns of the potential effects of the two destructive malware, tracked as WhisperGate and HermeticWiper, on organizations worldwide.”
