March 23, 2022

Fortify Security Team

Title: White House Shares Checklist to Counter Russian Cyberattacks
Date Published: March 22, 2022
Excerpt: “The White House is urging U.S. organizations to shore up their cybersecurity defenses after new intelligence suggests that Russia is preparing to conduct cyberattacks in the near future. With the U.S. imposing strict sanctions against Russia and aiding Ukraine in the war, the White House is expecting the Kremlin to retaliate with cyberattacks against critical infrastructure and U.S. interests.”

Title: China-Linked GIMMICK Implant Now Targets macOS
Date Published: March 23, 2022

Excerpt: “In late 2021, Volexity researchers investigated an intrusion in an environment they were monitoring and discovered a MacBook Pro running macOS 11.6 (Big Sur) that was compromised with a previously unknown macOS malware tracked as GIMMICK. The researchers explained that they have discovered Windows versions of the same implant during the past investigations.”

Title: As Breaches Soar, Companies Must Turn to Cloud-Native Security Solutions for Protection
Date Published: March 23, 2022

Excerpt: “Over the past two years, companies’ adoption of public cloud services has surged, but fast-paced change and weaker security controls have led to an increase in data breaches, finds a Laminar report.”

Title: European Union Officials Call for Stricter Cyber Rules
Date Published: March 22, 2022

Excerpt: “Just one day after the White House warned that intelligence is pointing to potential offensive cyberattacks out of Moscow, European Union officials are calling for more stringent cybersecurity rules. On Tuesday, the European Commission, the EU’s 27-member executive branch, called for a cybersecurity risk framework it would implement to stem cyberthreats emanating from the Kremlin, according to Reuters. This comes as the latter wages war in Ukraine, a former Soviet state, and as the West, including the Biden administration, has hobbled the Russian Federation with economic sanctions.”

Title: Chinese ‘Mustang Panda’ Hackers Spotted Deploying New ‘Hodur’ Malware
Date Published: March 23, 2022

Excerpt: “A China-based advanced persistent threat (APT) known as Mustang Panda has been linked to an ongoing cyberespionage campaign using a previously undocumented variant of the PlugX remote access trojan on infected machines. Slovak cybersecurity firm ESET dubbed the new version Hodur, owing to its resemblance to another PlugX (aka Korplug) variant called THOR that came to light in July 2021.”

Title: Amid recovery, Kentucky Hospital Details Cyberattack Discovered in January
Date Published: March 22, 2022

Excerpt: “Amid its continued recovery efforts, Taylor Regional Hospital (TRH) in Kentucky notified patients this week that the cyberattack began with a systems hack, which led to the access of their protected health information. The notification comes well ahead of the 60-day timeline required by the Health Insurance Portability and Accountability Act. The transparency can empower patients to take quick action to monitor for and prevent potential fraud attempts.”

Title: Windows 10 KB5011543 Update Released with Search Highlights Feature
Date Published: March 22, 2022

Excerpt: “Microsoft has released the optional KB5011543 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes numerous bug fixes and a new “Search highlights” feature for the Windows 10 Start Menu. The KB5011543 cumulative update preview is part of Microsoft’s March 2022 monthly “C” update, allowing admins to test upcoming fixes to be released in the April 2022 Patch Tuesday.”

Title: It’s Official, Lapsus$ Gang Compromised a Microsoft Employee’s Account
Date Published: March 23, 2022

Excerpt: “Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. Yesterday the cybercrime gang leaked 37GB of source code stolen from Microsoft’s Azure DevOps server. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps server and shared a screenshot of alleged internal source code repositories.”

Title: US Critical Infrastructure Operators Should Prepare for Retaliatory Cyberattacks
Date Published: March 22, 2022

Excerpt: “US President Joe Biden has urged companies in critical infrastructure sectors to shore up their defenses against potential cyberattacks. “Most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors,” he noted, and advised those that have not yet done it to harden their cyber defenses by implementing security best practices delineated earlier this year.”

Title: Over 200,000 MikroTik Routers Worldwide Are Under the Control of Botnet Malware
Date Published: March 23, 2022

Excerpt: “Vulnerable routers from MikroTik have been misused to form what cybersecurity researchers have called one of the largest botnet-as-a-service cybercrime operations seen in recent years. According to a new piece of research published by Avast, a cryptocurrency mining campaign leveraging the now-disrupted Glupteba botnet as well as the infamous TrickBot malware were all distributed using the same command-and-control (C2) server.”
