March 11, 2022

Fortify Security Team

Title: REvil Ransomware Member Extradited to U.S. to Stand Trial for Kaseya Attack
Date Published: March 10, 2022

https://www.bleepingcomputer.com/news/security/revil-ransomware-member-extradited-to-us-to-stand-trial-for-kaseya-attack/

Excerpt: “The U.S. Department of Justice announced that alleged REvil ransomware affiliate, Yaroslav Vasinskyi, was extradited to the United States last week to stand trial for the Kaseya cyberattack. Vasinskyi, a 22-year-old Ukrainian national, was arrested in November 2021 while entering Poland for his cybercrime activities as a REvil member.”

Title: Anonymous Hacked Roskomnadzor Agency Revealing Russian Disinformation
Date Published: March 11, 2022

https://securityaffairs.co/wordpress/128922/hacking/anonymouys-hacked-russian-roskomnadzor.html

Excerpt: “Anonymous announced to have hacked the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media, also known as Roskomnadzor. The agency is responsible for monitoring, controlling and censoring Russian mass media and according to Anonymous, it is controlling the disinformation campaign about the ongoing invasion of Ukraine.”

Title: Raccoon Stealer Crawls Into Telegram
Date Published: March 11, 2022

https://threatpost.com/raccoon-stealer-telegram/178881/

Excerpt: “A credential stealer that first rose to popularity a couple of years ago is now abusing Telegram for command-and-control (C2). A range of cybercriminals continue to widen its attack surface through creative distribution means like this, researchers have reported. Raccoon Stealer, which first appeared on the scene in April 2019, has added the ability to store and update its own actual C2 addresses on Telegram’s infrastructure, according to a blog post published by Avast Threat Labs this week. This gives them a “convenient and reliable” command center on the platform that they can update on the fly, researchers said.”

Title: Consumers Demand a Digital Banking Experience with Security at its Foundation
Date Published: March 11, 2022

https://www.helpnetsecurity.com/2022/03/11/digital-banking-experience/

Excerpt: “The global transformation of banking and payments has only accelerated over the past few years, and between web trends and a global pandemic, the industry has seen disruption from all angles. Consumers are digitally connected in almost all facets of their lives — and it’s evident they expect the same from their banks and payment experiences, with consumers overwhelmingly expressing a preference for digital offerings from their financial institutions.”

Title: Internet Experts Propose Blocking Culpable Russian Sites
Date Published: March 10, 2022

https://www.bankinfosecurity.com/internet-experts-propose-blocking-culpable-russian-sites-a-18695

Excerpt: “In an open letter addressing last week’s request by the Ukrainian government to the web governance entity the Internet Corporation for Assigned Names and Numbers, dozens of researchers, internet activists, politicians and academics voiced their disapproval, instead calling for precise, measured sanctions that could more effectively weaken Russian military and propaganda efforts.”

Title: Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign
Date Published: March 10, 2022

https://thehackernews.com/2022/03/iranian-hackers-targeting-turkey-and.html

Excerpt: “The Iranian state-sponsored threat actor known as MuddyWater has been attributed to a new swarm of attacks targeting Turkey and the Arabian Peninsula with the goal of deploying remote access trojans (RATs) on compromised systems. “The MuddyWater supergroup is highly motivated and can use unauthorized access to conduct espionage, intellectual property theft, and deploy ransomware and destructive malware in an enterprise,” Cisco Talos researchers Asheer Malhotra, Vitor Ventura, and Arnaud Zobec said in a report published today.”

Title: CISA Official: Lower Reporting Thresholds for Cyber Incidents and Get Your CEO and Board Invested in Security
Date Published: March 10, 2022

https://www.scmagazine.com/analysis/cloud-security/cisa-official-lower-reporting-thresholds-for-cyber-incidents-and-get-your-ceo-and-board-invested-in-security

Excerpt: “A top official at the Cybersecurity and Infrastructure Security Agency cited increased visibility over cyber intrusions in the private sector, cultivating a stronger digital security workforce and making cybersecurity a top-of-mind issue for corporate board rooms as priorities. During a March 10 event hosted by Billington Cybersecurity, CISA Executive Assistant Director Eric Goldstein said it is important the agency (as well as the FBI) receive reporting from organizations who may be hit with a cyberattack from a foreign government or criminal enterprise.”

Title: Over 40% of Log4j Downloads Are Vulnerable Versions of the Software
Date Published: March 10, 2022

https://www.darkreading.com/vulnerabilities-threats/three-months-later-41-of-log4j-downloads-are-of-vulnerable-versions

Excerpt: “Three months after the Apache Foundation disclosed the infamous Log4j vulnerability [CVE-2021-44228] and issued a fix for it, more than 4 in 10 downloads of the logging tool from the Maven Central Java package repository continue to be known vulnerable versions.”

Title: Russian Defense Firm Rostec Shuts Down Website After DDoS Attack
Date Published: March 11, 2022

https://www.bleepingcomputer.com/news/security/russian-defense-firm-rostec-shuts-down-website-after-ddos-attack/

Excerpt: “Rostec, a Russian state-owned aerospace and defense conglomerate, said its website was taken down today following what it described as a “cyberattack.” The state defense company says its website has been under constant siege since late February when Russia invaded its neighbor Ukraine without provocation.”

Title: Vodafone Investigates Claims of a Data Breach Made by Lapsus$ Gang
Date Published: March 11, 2022

https://securityaffairs.co/wordpress/128903/cyber-crime/vodafone-investigates-data-breach.html

Excerpt: “Vodafone announced to have launched an investigation after the Lapsus$ cybercrime group claimed to have stolen its source code. The Lapsus$ gang claims to have stolen approximately 200 GB of source code files, allegedly contained in 5,000 GitHub repositories.”
