March 23, 2022

Fortify Security Team
Mar 23, 2022

Title: White House Shares Checklist to Counter Russian Cyberattacks
Date Published: March 22, 2022
Excerpt: “The White House is urging U.S. organizations to shore up their cybersecurity defenses after new intelligence suggests that Russia is preparing to conduct cyberattacks in the near future. With the U.S. imposing strict sanctions against Russia and aiding Ukraine in the war, the White House is expecting the Kremlin to retaliate with cyberattacks against critical infrastructure and U.S. interests.”

Title: China-Linked GIMMICK Implant Now Targets macOS
Date Published: March 23, 2022

Excerpt: “In late 2021, Volexity researchers investigated an intrusion in an environment they were monitoring and discovered a MacBook Pro running macOS 11.6 (Big Sur) that was compromised with a previously unknown macOS malware tracked as GIMMICK. The researchers explained that they have discovered Windows versions of the same implant during the past investigations.”

Title: As Breaches Soar, Companies Must Turn to Cloud-Native Security Solutions for Protection
Date Published: March 23, 2022

Excerpt: “Over the past two years, companies’ adoption of public cloud services has surged, but fast-paced change and weaker security controls have led to an increase in data breaches, finds a Laminar report.”

Title: European Union Officials Call for Stricter Cyber Rules
Date Published: March 22, 2022

Excerpt: “Just one day after the White House warned that intelligence is pointing to potential offensive cyberattacks out of Moscow, European Union officials are calling for more stringent cybersecurity rules. On Tuesday, the European Commission, the EU’s 27-member executive branch, called for a cybersecurity risk framework it would implement to stem cyberthreats emanating from the Kremlin, according to Reuters. This comes as the latter wages war in Ukraine, a former Soviet state, and as the West, including the Biden administration, has hobbled the Russian Federation with economic sanctions.”

Title: Chinese ‘Mustang Panda’ Hackers Spotted Deploying New ‘Hodur’ Malware
Date Published: March 23, 2022

Excerpt: “A China-based advanced persistent threat (APT) known as Mustang Panda has been linked to an ongoing cyberespionage campaign using a previously undocumented variant of the PlugX remote access trojan on infected machines. Slovak cybersecurity firm ESET dubbed the new version Hodur, owing to its resemblance to another PlugX (aka Korplug) variant called THOR that came to light in July 2021.”

Title: Amid recovery, Kentucky Hospital Details Cyberattack Discovered in January
Date Published: March 22, 2022

Excerpt: “Amid its continued recovery efforts, Taylor Regional Hospital (TRH) in Kentucky notified patients this week that the cyberattack began with a systems hack, which led to the access of their protected health information. The notification comes well ahead of the 60-day timeline required by the Health Insurance Portability and Accountability Act. The transparency can empower patients to take quick action to monitor for and prevent potential fraud attempts.”

Title: Windows 10 KB5011543 Update Released with Search Highlights Feature
Date Published: March 22, 2022

Excerpt: “Microsoft has released the optional KB5011543 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes numerous bug fixes and a new “Search highlights” feature for the Windows 10 Start Menu. The KB5011543 cumulative update preview is part of Microsoft’s March 2022 monthly “C” update, allowing admins to test upcoming fixes to be released in the April 2022 Patch Tuesday.”

Title: It’s Official, Lapsus$ Gang Compromised a Microsoft Employee’s Account
Date Published: March 23, 2022

Excerpt: “Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. Yesterday the cybercrime gang leaked 37GB of source code stolen from Microsoft’s Azure DevOps server. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps server and shared a screenshot of alleged internal source code repositories.”

Title: US Critical Infrastructure Operators Should Prepare for Retaliatory Cyberattacks
Date Published: March 22, 2022

Excerpt: “US President Joe Biden has urged companies in critical infrastructure sectors to shore up their defenses against potential cyberattacks. “Most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors,” he noted, and advised those that have not yet done it to harden their cyber defenses by implementing security best practices delineated earlier this year.”

Title: Over 200,000 MicroTik Routers Worldwide Are Under the Control of Botnet Malware
Date Published: March 23, 2022

Excerpt: “Vulnerable routers from MikroTik have been misused to form what cybersecurity researchers have called one of the largest botnet-as-a-service cybercrime operations seen in recent years. According to a new piece of research published by Avast, a cryptocurrency mining campaign leveraging the now-disrupted Glupteba botnet as well as the infamous TrickBot malware were all distributed using the same command-and-control (C2) server.”
