March 11, 2022

Fortify Security Team

Title: REvil Ransomware Member Extradited to U.S. to Stand Trial for Kaseya Attack
Date Published: March 10, 2022

Excerpt: “The U.S. Department of Justice announced that alleged REvil ransomware affiliate, Yaroslav Vasinskyi, was extradited to the United States last week to stand trial for the Kaseya cyberattack. Vasinskyi, a 22-year-old Ukrainian national, was arrested in November 2021 while entering Poland for his cybercrime activities as a REvil member.”

Title: Anonymous Hacked Roskomnadzor Agency Revealing Russian Disinformation
Date Published: March 11, 2022

Excerpt: “Anonymous announced to have hacked the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media, also known as Roskomnadzor. The agency is responsible for monitoring, controlling and censoring Russian mass media and according to Anonymous, it is controlling the disinformation campaign about the ongoing invasion of Ukraine.”

Title: Raccoon Stealer Crawls Into Telegram
Date Published: March 11, 2022

Excerpt: “A credential stealer that first rose to popularity a couple of years ago is now abusing Telegram for command-and-control (C2). A range of cybercriminals continue to widen its attack surface through creative distribution means like this, researchers have reported. Raccoon Stealer, which first appeared on the scene in April 2019, has added the ability to store and update its own actual C2 addresses on Telegram’s infrastructure, according to a blog post published by Avast Threat Labs this week. This gives them a “convenient and reliable” command center on the platform that they can update on the fly, researchers said.”

Title: Consumers Demand a Digital Banking Experience with Security at its Foundation
Date Published: March 11, 2022

Excerpt: “The global transformation of banking and payments has only accelerated over the past few years, and between web trends and a global pandemic, the industry has seen disruption from all angles. Consumers are digitally connected in almost all facets of their lives — and it’s evident they expect the same from their banks and payment experiences, with consumers overwhelmingly expressing a preference for digital offerings from their financial institutions.”

Title: Internet Experts Propose Blocking Culpable Russian Sites
Date Published: March 10, 2022

Excerpt: “In an open letter addressing last week’s request by the Ukrainian government to the web governance entity the Internet Corporation for Assigned Names and Numbers, dozens of researchers, internet activists, politicians and academics voiced their disapproval, instead calling for precise, measured sanctions that could more effectively weaken Russian military and propaganda efforts.”

Title: Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign
Date Published: March 10, 2022

Excerpt: “The Iranian state-sponsored threat actor known as MuddyWater has been attributed to a new swarm of attacks targeting Turkey and the Arabian Peninsula with the goal of deploying remote access trojans (RATs) on compromised systems. “The MuddyWater supergroup is highly motivated and can use unauthorized access to conduct espionage, intellectual property theft, and deploy ransomware and destructive malware in an enterprise,” Cisco Talos researchers Asheer Malhotra, Vitor Ventura, and Arnaud Zobec said in a report published today.”

Title: CISA Official: Lower Reporting Thresholds for Cyber Incidents and Get Your CEO and Board Invested in Security
Date Published: March 10, 2022

Excerpt: “A top official at the Cybersecurity and Infrastructure Security Agency cited increased visibility over cyber intrusions in the private sector, cultivating a stronger digital security workforce and making cybersecurity a top-of-mind issue for corporate board rooms as priorities. During a March 10 event hosted by Billington Cybersecurity, CISA Executive Assistant Director Eric Goldstein said it is important the agency (as well as the FBI) receive reporting from organizations who may be hit with a cyberattack from a foreign government or criminal enterprise.”

Title: Over 40% of Log4j Downloads Are Vulnerable Versions of the Software
Date Published: March 10, 2022

Excerpt: “Three months after the Apache Foundation disclosed the infamous Log4j vulnerability [CVE-2021-44228] and issued a fix for it, more than 4 in 10 downloads of the logging tool from the Maven Central Java package repository continue to be known vulnerable versions.”

Title: Russian Defense Firm Rostec Shuts Down Website After DDoS Attack
Date Published: March 11, 2022

Excerpt: “Rostec, a Russian state-owned aerospace and defense conglomerate, said its website was taken down today following what it described as a “cyberattack.” The state defense company says its website has been under constant siege since late February when Russia invaded its neighbor Ukraine without provocation.”

Title: Vodafone Investigates Claims of a Data Breach Made by Lapsus$ Gang
Date Published: March 11, 2022

Excerpt: “Vodafone announced to have launched an investigation after the Lapsus$ cybercrime group claimed to have stolen its source code. The Lapsus$ gang claims to have stolen approximately 200 GB of source code files, allegedly contained in 5,000 GitHub repositories.”
