March 21, 2022

Fortify Security Team

Title: More Conti Ransomware Source Code Leaked on Twitter out of Revenge
Date Published: March 20, 2022

Excerpt: “A Ukrainian security researcher has leaked newer malware source code from the Conti ransomware operation in revenge for the cybercriminals siding with Russia on the invasion of Ukraine. Conti is an elite ransomware gang run by Russian-based threat actors. With their involvement in developing numerous malware families, it is considered one of the most active cybercrime operations.”

Title: DirtyMoe Modules Expand the Bot Using Worm-Like Techniques
Date Published: March 21, 2022

Excerpt: “In June 2021, researchers from Avast warned of the rapid growth of the DirtyMoe botnet (PurpleFox, Perkiler, and NuggetPhantom), which passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.”

Title: Agencies Warn on Satellite Hacks & GPS Jamming Affecting Airplanes, Critical Infrastructure
Date Published: March 18, 2022

Excerpt: “In a warning to aviation authorities and air operators on Thursday, the European Union Aviation Safety Agency (EASA) warned of satellite jamming and spoofing attacks across a broad swath of Eastern Europe that could affect air navigation systems. The warning came in tandem with a separate alert from the FBI and the U.S. Cybersecurity Infrastructure and Security Agency (CISA) that hackers could be targeting satellite communications networks in general.”

Title: Attackers Employ Novel Methods to Backdoor French Organizations
Date Published: March 21, 2022

Excerpt: “An advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. The attack starts with a well-known technique – emails containing a macro-enabled Microsoft Word document masquerading as information relating to the GDPR – and ends up with an attempt to install a backdoor on target systems. What happens in between those steps, though, is what makes these attacks interesting.”

Title: Ransomware Alert: AvosLocker Hits Critical Infrastructure
Date Published: March 21, 2022

Excerpt: “The ransomware-as-a-service operation AvosLocker has been amassing “victims across multiple critical infrastructure sectors in the United States,” the FBI warns. Known victims hail from organizations in such sectors as financial services, manufacturing and government facilities, the FBI, together with the Treasury Department and its Financial Crimes Enforcement Network bureau, aka FinCEN, warn in a cybersecurity advisory.”

Title: New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable
Date Published: March 21, 2022

Excerpt: “A novel phishing technique called browser-in-the-browser (BitB) attack can be exploited to simulate a browser window within the browser in order to spoof a legitimate domain, thereby making it possible to stage convincing phishing attacks. According to penetration tester and security researcher, who goes by the handle mrd0x_, the method takes advantage of third-party single sign-on (SSO) options embedded on websites such as “Sign in with Google” (or Facebook, Apple, or Microsoft).”

Title: South Denver Cardiology Cyberattack, Data Access Impacts 287K patients
Date Published: March 18, 2022

Excerpt: “South Denver Cardiology Associates recently notified 287,652 patients that their protected health information was accessed ahead of a cyberattack deployed in January this year. The cyberattack was launched against the computer network on Jan. 4, which prompted the security team to launch incident response processes, take steps to secure the network, and shut down certain computer systems. Law enforcement was also notified.”

Title: New Phishing Toolkit Lets Anyone Create Fake Chrome Browser Windows
Date Published: March 19, 2022

Excerpt: “A phishing kit has been released that allows red teamers and wannabe cybercriminals to create effective single sign-on phishing login forms using fake Chrome browser windows. When signing into websites, it is common to see the option to sign with Google, Microsoft, Apple, Twitter, or even Steam.”

Title: Anonymous Leaked Data Stolen from Russian Pipeline Company Transneft
Date Published: March 20, 2022

Excerpt: “Anonymous collective claims it has hacked Omega Company, which is the in-house R&D unit of Transneft, the Russia-based state-controlled oil pipeline company. Transneft is the largest oil pipeline company in the world, the hacktivists have stolen 79GB of emails and published them on the leak site of the non-profit whistleblower organization Distributed Denial of Secrets.”

Title: ‘CryptoRom’ Crypto Scam Abusing iPhone Features to Target Mobile Users
Date Published: March 21, 2022

Excerpt: “Social engineering attacks leveraging a combination of romantic lures and cryptocurrency fraud have been luring unsuspecting victims into installing fake apps by taking advantage of legitimate iOS features like TestFlight and Web Clips. Cybersecurity company Sophos, which has named the organized crime campaign “CryptoRom,” characterized it as a wide-ranging global scam.”
