March 1, 2022

Fortify Security Team

Title: Reality Winner’s Twitter Account was Hacked to Target Journalists
Date Published: March 1, 2022

https://www.bleepingcomputer.com/news/security/reality-winners-twitter-account-was-hacked-to-target-journalists/

Excerpt: “Twitter account of former intelligence specialist, Reality Winner was hacked over the weekend by threat actors looking to target journalists at prominent media organizations. Hackers took over Winner’s verified Twitter account and changed the profile name to “Feedback Team” to impersonate Twitter staff before sending out suspicious DMs to verified users.”

Title: Anonymous Hit Russian Nuclear Institute and Leak Stolen Data
Date Published: February 28, 2022

https://securityaffairs.co/wordpress/128527/hacktivism/anonymous-hit-russian-nuclear-institute.html

Excerpt: “Anonymous and numerous hacker groups linked to the popular collective continue to launch cyber attacks against Russian and Belarussian government organizations and private businesses. In the last few days massive DDoS attacks have taken offline numerous websites of Russian government entities, including the Duma and Ministry of Defense.”

Title: Microsoft Accounts Targeted by Russian-Themed Credential Harvesting
Date Published: March 1, 2022

https://threatpost.com/microsoft-accounts-targeted-russian-credential-harvesting/178698/

Excerpt: “While legitimate concerns abound about the Russian-Ukrainian conflict sparking a far-reaching cyberwarfare conflagration around the globe, small-time crooks are also ramping up their efforts amid the crisis. Phishing emails to Microsoft users warning of Moscow-led account hacking have started to make the rounds, looking to lift credentials and other personal details.”

Title: Lack of Visibility Plaguing ICS Environments
Date Published: March 1, 2022

https://www.helpnetsecurity.com/2022/03/01/cyber-threats-ics-ot/

Excerpt: “Dragos released its report on cyber threats facing industrial organizations, naming the emergence of three new threat groups targeting ICS/OT environments, including two that have gained access into the OT systems of industrial organizations.”

Title: Anonymous Extends Its Russian Cyberwar to State-Run Media
Date Published: February 28, 2022

https://www.bankinfosecurity.com/anonymous-extends-its-russian-cyberwar-to-state-run-media-a-18631

Excerpt: “As Russia continues its invasion of Ukraine, Western governments and certain hacktivists remain steadfast in their opposition. The international hacktivist collective Anonymous says on social media that it has successfully hacked websites connected to the Russian government, state media and banks.”

Title: Microsoft Finds FoxBlade Malware Hit Ukraine Hours Before Russian Invasion
Date Published: March 1, 2022

https://thehackernews.com/2022/03/microsoft-finds-foxblade-malware-hit.html

Excerpt: “Microsoft on Monday disclosed that it detected a new round of offensive and destructive cyberattacks directed against Ukraine’s digital infrastructure hours before Russia launched its first missile strikes last week. The intrusions involved the use of a never-before-seen malware package dubbed FoxBlade, according to the tech giant’s Threat Intelligence Center (MSTIC), noting that it added new signatures to its Defender anti-malware service to detect the exploit within three hours of the discovery.”

Title: OCR Director Urges Providers to Strengthen Cyber Posture, Risk Management
Date Published: February 28, 2022

https://www.scmagazine.com/analysis/asset-management/ocr-director-urges-providers-to-strengthen-cyber-posture-risk-management

Excerpt: “Office for Civil Rights Director Lisa Pino is urging all healthcare delivery organizations and business associates to prioritize cybersecurity, risk management and patient privacy, a key concern for the Department of Health and Human Services.”

Title: Toyota Halts Production After Suspected Supply Chain Attack
Date Published: February 28, 2022

https://www.darkreading.com/attacks-breaches/toyota-halts-production-after-suspected-supply-chain-attack

Excerpt: “Japanese automobile giant Toyota says it will halt production at all 28 lines of its 14 plants in Japan starting March 1, after a “system failure” at a supplier caused problems with its just-in-time production control system.”

Title: Microsoft: Windows Domain Controller Restarts Caused by LSASS Crashes
Date Published: March 1, 2022

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-domain-controller-restarts-caused-by-lsass-crashes/

Excerpt: “Microsoft shared info on a now-fixed known issue leading to Local Security Authority Subsystem Service (LSASS) crashes and Windows Server domain controller restarts. The LSASS Windows service is responsible for enforcing security policies, and it is used to handle access token creation, password changes, and user logins.”

Title: CISA and FBI Warn of Potential Data Wiping Attacks Spillover
Date Published: March 1, 2022

https://securityaffairs.co/wordpress/128534/malware/cisa-and-fbi-warn-of-potential-data-wiping-attacks-spillover.html

Excerpt: “The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory to warn US organizations of data wiping attacks targeting Ukraine that could hit targets worldwide. The advisory warns of the potential effects of the two destructive malware, tracked as WhisperGate and HermeticWiper, on organizations worldwide.”
