March 15, 2022

Fortify Security Team
Mar 15, 2022

Title: New CaddyWiper Data Wiping Malware Hits Ukrainian Networks
Date Published: March 14, 2022

https://www.bleepingcomputer.com/news/security/new-caddywiper-data-wiping-malware-hits-ukrainian-networks/

Excerpt: “Newly discovered data-destroying malware was observed earlier today in attacks targeting Ukrainian organizations and deleting data across systems on compromised networks. “This new malware erases user data and partition information from attached drives,” ESET Research Labs explained. “ESET telemetry shows that it was seen on a few dozen systems in a limited number of organizations.””

Title: The German BSI Agency Recommends Replacing Kaspersky Antivirus Software
Date Published: March 14, 2022

https://securityaffairs.co/wordpress/129085/intelligence/bsi-recommends-replace-kaspersky-av.html

Excerpt: “The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. The Agency warns the cybersecurity firm could be implicated in hacking attacks during the ongoing Russian invasion of Ukraine.According to §7 BSI law, the BSI warns against the use of Kaspersky Antivirus and recommends replacing it asap with defense solutions from other vendors.”

Title: Pandora Ransomware Hits Giant Automotive Supplier Denso
Date Published: March 15, 2022

https://threatpost.com/pandora-ransomware-hits-giant-automotive-supplier-denso/178911/

Excerpt: “A multibillion supplier to key automotive companies like Toyota, Mercedes-Benz and Ford confirmed Monday that it was the target of a cyberattack over the weekend – confirmation that came after the Pandora ransomware group began leaking data that attackers claimed was stolen in the incident.”

Title: Financially Motivated Threat Actors Willing to go After Russian Targets
Date Published: March 15, 2022

https://www.helpnetsecurity.com/2022/03/15/threat-actors-russian-targets/

Excerpt: “As Ukrainian organizations are getting hit with yet another data-wiping malware, financially motivated threat actors are choosing sides and some of them are expressing their willingness to target Russian targets.”

Title: Nearly 34 Ransomware Variants Observed in Hundreds of Cyberattacks in Q4 2021
Date Published: March 15, 2022

https://thehackernews.com/2022/03/nearly-34-ransomware-variants-observed.html
Excerpt: “As many as 722 ransomware attacks were observed during the fourth quarter of 2021, with LockBit 2.0, Conti, PYSA, Hive, and Grief emerging as the most prevalent strains, according to new research published by Intel 471.The attacks mark an increase of 110 and 129 attacks from the third and second quarters of 2021, respectively. In all, 34 different ransomware variants were detected during the three-month-period between October and December 2021.”

Title: Not another NotPetya: Ukraine conflict renews calls from CISOs for healthcare threat sharing
Date Published: March 14,  2022

https://www.scmagazine.com/feature/risk-management/not-another-notpetya-ukraine-conflict-renews-calls-from-cisos-for-healthcare-threat-sharing

Excerpt: “Healthcare chief information security officers are raising red flags to threat sharing groups about an alarming increase in cyberattacks amid the ongoing conflict in Ukraine – most notably by way of phishing incidents. Like many organizations across critical verticals, healthcare leaders recognize the threat posed by geopolitical tensions in Eastern Europe against the healthcare sector, notifying peers and communicating with sector specific information sharing centers about increased targeting of executives.”

Title: Mobile Threats Skyrocket
Date Published: March 14, 2022

https://www.darkreading.com/endpoint/mobile-threats-skyrocket

Excerpt: “The volume of mobile threats is increasing and attackers are growing more sophisticated, with almost a third of zero-day attacks now targeting mobile devices, new data shows.In its annual mobile threats report published this week, cybersecurity firm Zimperium says data from its services shows that nearly a quarter of mobile devices encountered malware last year, while 13% had their data intercepted by a machine-in-the-middle attack and 12% were directed to a malicious website. The rising cyber-risk comes as the attack surface area of mobile applications has grown, with more than 900 Common Vulnerabilities and Exposures (CVEs) reported in 2021 that directly affect Apple iOS or Google Android. In addition, risks have risen from the third-party components used by developers, and a variety of misconfigurations have undermined the security of the cloud services underpinning mobile applications.”

Title: Fake Antivirus Updates Used to Deploy Cobalt Strike in Ukraine
Date Published: March 14, 2022

https://www.bleepingcomputer.com/news/security/fake-antivirus-updates-used-to-deploy-cobalt-strike-in-ukraine/

Excerpt: “Ukraine’s Computer Emergency Response Team is warning that threat actors are distributing fake Windows antivirus updates that install Cobalt Strike and other malware. The phishing emails impersonate Ukrainian government agencies offering ways to increase network security and advise recipients to download “critical security updates,” which come in the form of a 60 MB file named “BitdefenderWindowsUpdatePackage.exe.””

Title: Dirty Pipe Linux Flaw Impacts Most QNAP NAS Devices
Date Published: March 15, 2022

https://securityaffairs.co/wordpress/129076/hacking/qnap-nas-dirty-pipe.html

Excerpt: “Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by the recently discovered Linux vulnerability ‘Dirty Pipe.’ An attacker with local access can exploit the high-severity vulnerability Dirty Pipe to gain root privileges.”

Title: Massive DDoS Attack Knocked Israeli Government Websites Offline
Date Published: March 15, 2022

https://thehackernews.com/2022/03/massive-ddos-attack-knocked-israeli.html

Excerpt: “A number of websites belonging to the Israeli government were felled in a distributed denial-of-service (DDoS) attack on Monday, rendering the portals inaccessible for a short period of time. “In the past few hours, a DDoS attack against a communications provider was identified,” the Israel National Cyber Directorate (INCD) said in a tweet. “As a result, access to several websites, among them government websites, was denied for a short time. As of now, all of the websites have returned to normal activity.””

Recent Posts

May 6, 2022

Title: Google Docs Crashes on Seeing "And. And. And. And. And." Date Published: May 6, 2022 https://www.bleepingcomputer.com/news/technology/google-docs-crashes-on-seeing-and-and-and-and-and/ Excerpt: “A bug in Google Docs is causing it to crash when a series of words...

May 5, 2022

Title: Tor Project Upgrades Network Speed Performance with New System Date Published: May 5, 2022 https://www.bleepingcomputer.com/news/security/tor-project-upgrades-network-speed-performance-with-new-system/ Excerpt: “The Tor Project has published details about a...

May 3, 2022

Title: Aruba and Avaya Network Switches are Vulnerable to RCE Attacks Date Published: May 3, 2022 https://www.bleepingcomputer.com/news/security/aruba-and-avaya-network-switches-are-vulnerable-to-rce-attacks/ Excerpt: “Security researchers have discovered five...

May 2, 2022

Title: U.S. DoD Tricked into Paying $23.5 Million to Phishing Actor Date Published: May 2, 2022 https://www.bleepingcomputer.com/news/security/us-dod-tricked-into-paying-235-million-to-phishing-actor/ Excerpt: “The U.S. Department of Justice (DoJ) has announced the...

April 29, 2022

Title: EmoCheck now Detects New 64-bit Versions of Emotet Malware Date Published: April 28, 2022 https://www.bleepingcomputer.com/news/security/emocheck-now-detects-new-64-bit-versions-of-emotet-malware/ Excerpt: “The Japan CERT has released a new version of their...

April 28, 2022

Title: New Bumblebee Malware Takes Over BazarLoader's Ransomware Delivery Date Published: April 28, 2022 https://www.bleepingcomputer.com/news/security/new-bumblebee-malware-takes-over-bazarloaders-ransomware-delivery/ Excerpt: “A newly discovered malware loader...

April 27, 2022

Title: Chinese State-Backed Hackers now Target Russian State Officers Date Published: April 27, 2022 https://www.bleepingcomputer.com/news/security/chinese-state-backed-hackers-now-target-russian-state-officers/ Excerpt: “Security researchers analyzing a phishing...