March 14, 2022

Fortify Security Team
Title: Ubisoft Confirms ‘Cyber Security Incident’, Resets Staff Passwords
Date Published: March 12, 2022

https://www.bleepingcomputer.com/news/security/ubisoft-confirms-cyber-security-incident-resets-staff-passwords/

Excerpt: “Video game developer Ubisoft has confirmed that it suffered a ‘cyber security incident’ that caused disruption to its games, systems, and services. The announcement comes after multiple Ubisoft users had reported issues last week accessing their Ubisoft service.”

Title: Brazilian Trojan Impacting Portuguese Users and Using the Same Capabilities Seen in Other Latin American Threats
Date Published: March 14, 2022

https://securityaffairs.co/wordpress/129024/malware/brazilian-trojan-tragets-portuguese-users.html
Excerpt: “A new variant of a Brazilian trojan has impacted Internet end users in Portugal since last month (February 2022). Although there are no significant differences and sophistication in contrast to other well-known trojans such as Maxtrilha, URSA, and Javali, an analysis of the artifacts and IOCs obtained from this campaign is presented below.”

Title: Poor Data Sanitization Practices Put Public Sector Data at Risk
Date Published: March 14, 2022

https://www.helpnetsecurity.com/2022/03/14/public-sector-device-sanitization/

Excerpt: “A research launched by Blancco Technology Group reveals current practices and policies for device sanitization within the public sector. Researchers spoke to 596 government IT leaders across nine countries. The survey revealed that the governments and public sector organizations represented spend as much as $17M annually on the physical destruction of solid-state drives (SSDs), a data storage device widely used both independently and within laptops, desktops, and servers.”

Title: Russia’s War Further Complicates Cybercrime Ransom Payments
Date Published: March 14, 2022

https://www.bankinfosecurity.com/russias-war-further-complicates-cybercrime-ransom-payments-a-18712

Excerpt: “What are the ethics of paying a ransom to a cybercrime syndicate that might be working as a proxy cyber force in support of the Russian government’s war with Ukraine? Ethically, paying a ransom has never been the right move, since it directly funds criminals, perpetuates their business model, funds future research and development efforts, and drives new criminals to join the fray.”

Title: Russian Ransomware Gang Retool Custom Hacking Tools of Other APT Groups
Date Published: March 14, 2022

https://thehackernews.com/2022/03/russian-ransomware-gang-retool-custom.html
Excerpt: “A Russian-speaking ransomware outfit likely targeted an unnamed entity in the gambling and gaming sector in Europe and Central America by repurposing custom tools developed by other APT groups like Iran’s MuddyWater, new research has found.”

Title: Fake Valorant Cheats on YouTube Infect You With RedLine Stealer
Date Published: March 13, 2022

https://www.bleepingcomputer.com/news/security/fake-valorant-cheats-on-youtube-infect-you-with-redline-stealer/
Excerpt: “Korean security analysts have spotted a malware distribution campaign that uses Valorant cheat lures on YouTube to trick players into downloading RedLine, a powerful information stealer. This type of abuse is quite common, as the threat actors find it easy to bypass YouTube’s new content submission reviews or create new accounts when reported and blocked.”

Title: Russia-Ukraine Cyber Conflict Poses Critical Infrastructure at Risk
Date Published: March 14, 2022

https://securityaffairs.co/wordpress/129009/cyber-warfare-2/russia-ukraine-critical-infrastructure-attacks.html
Excerpt: “Critical infrastructure is a privileged target for almost any kind of threat actor, the ongoing Russia-Ukraine cyber conflict is posing them at risk. Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing.”

Title: Cybercrooks’ Political In-Fighting Threatens the West
Date Published: March 14, 2022

https://threatpost.com/cybercrooks-political-in-fighting-threatens-the-west/178899/
Excerpt: “A rift has formed in the cybercrime underground: one that could strengthen, rather than cripple, the cyber-onslaught of ransomware. According to a report (PDF) published Monday, ever since the outbreak of war in Ukraine, ‘previously coexisting, financially motivated threat actors divided along ideological factions.’”

Title: New Linux Bug in Netfilter Firewall Module Lets Attackers Gain Root Access
Date Published: March 14, 2022

https://thehackernews.com/2022/03/new-linux-bug-in-netfilter-firewall.html

Excerpt: “A newly disclosed security flaw in the Linux kernel could be leveraged by a local adversary to gain elevated privileges on vulnerable systems to execute arbitrary code, escape containers, or induce a kernel panic. Tracked as CVE-2022-25636 (CVSS score: 7.8), the vulnerability impacts Linux kernel versions 5.4 through 5.6.10 and is a result of a heap out-of-bounds write in the netfilter subcomponent in the kernel. The issue was discovered by Nick Gregory, a research scientist at Capsule8.”

Title: VPN Provider Bans BitTorrent After Getting Sued by Film Studios
Date Published: March 12, 2022

https://www.bleepingcomputer.com/news/security/vpn-provider-bans-bittorrent-after-getting-sued-by-film-studios/

Excerpt: “‘No logs’ VPN provider TorGuard has reached a legal settlement this month with over two dozen movie studios that sued the company for encouraging piracy and copyright infringement.
Last year, over two dozen film studios had sued TorGuard, claiming the VPN provider maintained no logs and encouraged online piracy through its marketing efforts.”
