March 14, 2022

Fortify Security Team

Title: Ubisoft Confirms ‘Cyber Security Incident’, Resets Staff Passwords
Date Published: March 12, 2022

Excerpt: “Video game developer Ubisoft has confirmed that it suffered a ‘cyber security incident’ that caused disruption to its games, systems, and services. The announcement comes after multiple Ubisoft users had reported issues last week accessing their Ubisoft service.”

Title: Brazilian Trojan Impacting Portuguese Users and Using the Same Capabilities Seen in Other Latin American Threats
Date Published: March 14, 2022
Excerpt: “A new variant of a Brazilian trojan has impacted Internet end users in Portugal since last month (February 2022). Although there are no significant differences and sophistication in contrast to other well-known trojans such as Maxtrilha, URSA, and Javali, an analysis of the artifacts and IOCs obtained from this campaign is presented below.”

Title: Poor Data Sanitization Practices Put Public Sector Data at Risk
Date Published: March 14, 2022

Excerpt: “A research launched by Blancco Technology Group reveals current practices and policies for device sanitization within the public sector. Researchers spoke to 596 government IT leaders across nine countries. The survey revealed that the governments and public sector organizations represented spend as much as $17M annually on the physical destruction of solid-state drives (SSDs), a data storage device widely used both independently and within laptops, desktops, and servers.”

Title: Russia’s War Further Complicates Cybercrime Ransom Payments
Date Published: March 14, 2022

Excerpt: “What are the ethics of paying a ransom to a cybercrime syndicate that might be working as a proxy cyber force in support of the Russian government’s war with Ukraine? Ethically, paying a ransom has never been the right move, since it directly funds criminals, perpetuates their business model, funds future research and development efforts, and drives new criminals to join the fray.”

Title: Russian Ransomware Gang Retool Custom Hacking Tools of Other APT Groups
Date Published: March 14, 2022
Excerpt: “A Russian-speaking ransomware outfit likely targeted an unnamed entity in the gambling and gaming sector in Europe and Central America by repurposing custom tools developed by other APT groups like Iran’s MuddyWater, new research has found.”

Title: Fake Valorant Cheats on YouTube Infect You With RedLine Stealer
Date Published: March 13, 2022
Excerpt: “Korean security analysts have spotted a malware distribution campaign that uses Valorant cheat lures on YouTube to trick players into downloading RedLine, a powerful information stealer. This type of abuse is quite common, as the threat actors find it easy to bypass YouTube’s new content submission reviews or create new accounts when reported and blocked.”

Title: Russia-Ukraine Cyber Conflict Poses Critical Infrastructure at Risk
Date Published: March 14, 2022
Excerpt: “Critical infrastructure is a privileged target for almost any kind of threat actor, the ongoing Russia-Ukraine cyber conflict is posing them at risk. Ongoing attacks could cause severe damages to multiple sectors, including transportation, communication, financial services, government facilities, nuclear reactors, and critical manufacturing.”

Title: Cybercrooks’ Political In-Fighting Threatens the West
Date Published: March 14, 2022
Excerpt: “A rift has formed in the cybercrime underground: one that could strengthen, rather than cripple, the cyber-onslaught of ransomware. According to a report (PDF) published Monday, ever since the outbreak of war in Ukraine, ‘previously coexisting, financially motivated threat actors divided along ideological factions.’”

Title: New Linux Bug in Netfilter Firewall Module Lets Attackers Gain Root Access
Date Published: March 14, 2022

Excerpt: “A newly disclosed security flaw in the Linux kernel could be leveraged by a local adversary to gain elevated privileges on vulnerable systems to execute arbitrary code, escape containers, or induce a kernel panic. Tracked as CVE-2022-25636 (CVSS score: 7.8), the vulnerability impacts Linux kernel versions 5.4 through 5.6.10 and is a result of a heap out-of-bounds write in the netfilter subcomponent in the kernel. The issue was discovered by Nick Gregory, a research scientist at Capsule8.”

Title: VPN Provider Bans BitTorrent After Getting Sued by Film Studios
Date Published: March 12, 2022

Excerpt: “‘No logs’ VPN provider TorGuard has reached a legal settlement this month with over two dozen movie studios that sued the company for encouraging piracy and copyright infringement.
Last year, over two dozen film studios had sued TorGuard, claiming the VPN provider maintained no logs and encouraged online piracy through its marketing efforts.”
