March 23, 2022

Fortify Security Team
Mar 23, 2022

Title: White House Shares Checklist to Counter Russian Cyberattacks
Date Published: March 22, 2022

https://www.bleepingcomputer.com/news/security/white-house-shares-checklist-to-counter-russian-cyberattacks/
Excerpt: “The White House is urging U.S. organizations to shore up their cybersecurity defenses after new intelligence suggests that Russia is preparing to conduct cyberattacks in the near future.With the U.S. imposing strict sanctions against Russia and aiding Ukraine in the war, the White House is expecting the Kremlin to retaliate with cyberattacks against critical infrastructure and U.S. interests.”

Title: China-Linked GIMMICK Implant Now Targets macOS
Date Published: March 23, 2022

https://securityaffairs.co/wordpress/129402/malware/gimmick-implant-targets-macos.html

Excerpt: “In late 2021, Volexity researchers investigated an intrusion in an environment they were monitoring and discovered a MacBook Pro running macOS 11.6 (Big Sur) that was compromised with a previously unknown macOS malware tracked as GIMMICK. The researchers explained that they have discovered Windows versions of the same implant during the past investigations.”

Title: As Breaches Soar, Companies Must Turn to Cloud-Native Security Solutions for Protection
Date Published: March 23, 2022

https://www.helpnetsecurity.com/2022/03/23/public-cloud-data-breaches/

Excerpt: “Over the past two years, companies’ adoption of public cloud services has surged, but fast-paced change and weaker security controls have led to an increase in data breaches, finds a Laminar report.”

Title: European Union Officials Call for Stricter Cyber Rules
Date Published: March 22, 2022

https://www.bankinfosecurity.com/european-union-officials-call-for-stricter-cyber-rules-a-18775

Excerpt: “Just one day after the White House warned that intelligence is pointing to potential offensive cyberattacks out of Moscow, European Union officials are calling for more stringent cybersecurity rules. On Tuesday, the European Commission, the EU’s 27-member executive branch, called for a cybersecurity risk framework it would implement to stem cyberthreats emanating from the Kremlin, according to Reuters. This comes as the latter wages war in Ukraine, a former Soviet state, and as the West, including the Biden administration, has hobbled the Russian Federation with economic sanctions.”

Title: Chinese ‘Mustang Panda’ Hackers Spotted Deploying New ‘Hodur’ Malware
Date Published: March 23, 2022

https://thehackernews.com/2022/03/chinese-mustang-panda-hackers-spotted.html

Excerpt: “A China-based advanced persistent threat (APT) known as Mustang Panda has been linked to an ongoing cyberespionage campaign using a previously undocumented variant of the PlugX remote access trojan on infected machines. Slovak cybersecurity firm ESET dubbed the new version Hodur, owing to its resemblance to another PlugX (aka Korplug) variant called THOR that came to light in July 2021.”

Title: Amid recovery, Kentucky Hospital Details Cyberattack Discovered in January
Date Published: March 22, 2022

https://www.scmagazine.com/analysis/breach/amid-recovery-kentucky-hospital-details-cyberattack-discovered-in-january

Excerpt: “Amid its continued recovery efforts, Taylor Regional Hospital (TRH) in Kentucky notified patients this week that the cyberattack began with a systems hack, which led to the access of their protected health information. The notification comes well ahead of the 60-day timeline required by the Health Insurance Portability and Accountability Act. The transparency can empower patients to take quick action to monitor for and prevent potential fraud attempts.”

Title: Windows 10 KB5011543 Update Released with Search Highlights Feature
Date Published: March 22, 2022

https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5011543-update-released-with-search-highlights-feature/

Excerpt: “Microsoft has released the optional KB5011543 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes numerous bug fixes and a new “Search highlights” feature for the Windows 10 Start Menu. The KB5011543 cumulative update preview is part of Microsoft’s March 2022 monthly “C” update, allowing admins to test upcoming fixes to be released in the April 2022 Patch Tuesday.”

Title: It’s Official, Lapsus$ Gang Compromised a Microsoft Employee’s Account
Date Published: March 23, 2022

https://securityaffairs.co/wordpress/129391/hacking/lapsus-gang-compromised-microsoft-employees-account.html

Excerpt: “Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. Yesterday the cybercrime gang leaked 37GB of source code stolen from Microsoft’s Azure DevOps server. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps server and shared a screenshot of alleged internal source code repositories.”

Title: US Critical Infrastructure Operators Should Prepare for Retaliatory Cyberattacks
Date Published: March 22, 2022

https://www.helpnetsecurity.com/2022/03/22/us-critical-infrastructure-cyberattacks/

Excerpt: “US President Joe Biden has urged companies in critical infrastructure sectors to shore up their defenses against potential cyberattacks. “Most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors,” he noted, and advised those that have not yet done it to harden their cyber defenses by implementing security best practices delineated earlier this year.”

Title: Over 200,000 MicroTik Routers Worldwide Are Under the Control of Botnet Malware
Date Published: March 23, 2022

https://thehackernews.com/2022/03/over-200000-microtik-routers-worldwide.html

Excerpt: “Vulnerable routers from MikroTik have been misused to form what cybersecurity researchers have called one of the largest botnet-as-a-service cybercrime operations seen in recent years. According to a new piece of research published by Avast, a cryptocurrency mining campaign leveraging the new-disrupted Glupteba botnet as well as the infamous TrickBot malware were all distributed using the same command-and-control (C2) server.”

Recent Posts

May 6, 2022

Title: Google Docs Crashes on Seeing "And. And. And. And. And." Date Published: May 6, 2022 https://www.bleepingcomputer.com/news/technology/google-docs-crashes-on-seeing-and-and-and-and-and/ Excerpt: “A bug in Google Docs is causing it to crash when a series of words...

May 5, 2022

Title: Tor Project Upgrades Network Speed Performance with New System Date Published: May 5, 2022 https://www.bleepingcomputer.com/news/security/tor-project-upgrades-network-speed-performance-with-new-system/ Excerpt: “The Tor Project has published details about a...

May 3, 2022

Title: Aruba and Avaya Network Switches are Vulnerable to RCE Attacks Date Published: May 3, 2022 https://www.bleepingcomputer.com/news/security/aruba-and-avaya-network-switches-are-vulnerable-to-rce-attacks/ Excerpt: “Security researchers have discovered five...

May 2, 2022

Title: U.S. DoD Tricked into Paying $23.5 Million to Phishing Actor Date Published: May 2, 2022 https://www.bleepingcomputer.com/news/security/us-dod-tricked-into-paying-235-million-to-phishing-actor/ Excerpt: “The U.S. Department of Justice (DoJ) has announced the...

April 29, 2022

Title: EmoCheck now Detects New 64-bit Versions of Emotet Malware Date Published: April 28, 2022 https://www.bleepingcomputer.com/news/security/emocheck-now-detects-new-64-bit-versions-of-emotet-malware/ Excerpt: “The Japan CERT has released a new version of their...

April 28, 2022

Title: New Bumblebee Malware Takes Over BazarLoader's Ransomware Delivery Date Published: April 28, 2022 https://www.bleepingcomputer.com/news/security/new-bumblebee-malware-takes-over-bazarloaders-ransomware-delivery/ Excerpt: “A newly discovered malware loader...

April 27, 2022

Title: Chinese State-Backed Hackers now Target Russian State Officers Date Published: April 27, 2022 https://www.bleepingcomputer.com/news/security/chinese-state-backed-hackers-now-target-russian-state-officers/ Excerpt: “Security researchers analyzing a phishing...