March 24, 2022

Fortify Security Team
Mar 24, 2022

Title: FBI Adds Russian Cybercrime Market Owner to Most Wanted List
Date Published: March 23, 2022 Excerpt: “A Russian national has been indicted by the US DOJ and added to the FBI’s Cyber Most Wanted list for allegedly creating and managing a cybercrime marketplace. Igor Dekhtyarchuk, a resident of Russia, was indicted in the Eastern District of Texas for running the cybercrime marketplace that sold credit cards, access to compromised devices or accounts, and personal information.”

Title: Anonymous Claims to Have Hacked the Central Bank of Russia
Date Published: March 24, 2022 Excerpt: “Anonymous continues to target Russian government organizations and private businesses, now it is claiming to have hacked the Central Bank of Russia. The popular hacker collective claims to have compromised the systems of the Central Bank of Russia and stole 35,000 files, it announced that will leak it it in 48 hours.”

Title: Tax-Season Scammers Spoof Fintechs Stash, Public
Date Published: March 24, 2022

Excerpt: “Threat actors have new targets in their sites this tax season during the annual barrage of cyber-scams as people file their U.S. income-tax documents. Novel email campaigns are spoofing popular financial technology (fintech) applications and their tax notifications to try to dupe victims into giving up their credentials, researchers have found.”

Title: New Cyberespionage Campaign Targeting ISPs, Research Entities
Date Published: March 24, 2022 Excerpt: “ESET Research discovered a still-ongoing cyberespionage campaign using a previously undocumented Korplug variant by the Mustang Panda APT group. The current campaign exploits the war in Ukraine and other European news topics.”

Title: Chinese APT Hackers Targeting Betting Companies in Southeast Asia
Date Published: March 24, 2022 Excerpt “A Chinese-speaking advanced persistent threat (APT) has been linked to a new campaign targeting gambling-related companies in South East Asia, particularly Taiwan, the Philippines, and Hong Kong. Cybersecurity firm Avast dubbed the campaign Operation Dragon Castling, describing its malware arsenal as a “robust and modular toolset.” The ultimate motives of the threat actor are not immediately discernible as yet nor has it been linked to a known hacking group.”

Title:  Scripps Health Sued Over Ongoing Payroll Disruption Claims, as Kronos Fallout Continues
Date Published: March 23, 2022 Excerpt: “Scripps Health is facing a class-action lawsuit filed by employees impacted by the Kronos outages and subsequent payroll disruptions. The San Diego-based health system joins a growing list of providers facing similar legal filings, spurred by the fallout from the December ransomware attack.”

Title: FBI: Ransomware hit 649 critical infrastructure orgs in 2021
Date Published: March 23, 2022 Excerpt: “The Federal Bureau of Investigation (FBI) says ransomware gangs have breached the networks of at least 649 organizations from multiple US critical infrastructure sectors last year, according to the Internet Crime Complaint Center (IC3) 2021 Internet Crime Report. However, the actual number is likely higher given that the FBI only started tracking reported ransomware incidents in which the victim a critical infrastructure sector organization in June 2021.”

Title: Ukrainian Enterprises Hit with the DoubleZero Wiper
Date Published: March 23, 2022 Excerpt: “Ukraine CERT-UA continues to observe malware based attacks aimed at Ukrainian organizations, in a recent alert it warned of attacks employing a wiper dubbed DoubleZero. The government CERT started observing this campaign on March 17, 2022, threat actors launched spear-phishing attacks using malicious.”

Title: Microsoft Help Files Disguise Vidar Malware
Date Published: March 24, 2022

Excerpt: “Where’s the last place you’d expect to find malware? In an email from your mother? Embedded in software you trust and use everyday (actually, that’s probably the first place you should look)? How about in a technical documentation file? In a report published Thursday, Trustwave SpiderLabs revealed a new phishing attack designed to plant the Vidar infostealer on target machines. The trick to this particular campaign is that it conceals its complex malware behind a Microsoft Compiled HTML Help (.CHM) file, Microsoft’s proprietary file format for help documentation saved in HTML. In other words, it’s the kind of file you almost never look at or even think about.”

Title: Over 200,000 MicroTik Routers Worldwide Are Under the Control of Botnet Malware
Date Published: March 24, 2022 Excerpt: “A new large scale supply chain attack has been observed targeting Azure developers with no less than 218 malicious NPM packages with the goal of stealing personal identifiable information. “After manually inspecting some of these packages, it became apparent that this was a targeted attack against the entire @azure NPM scope, by an attacker that employed an automatic script to create accounts and upload malicious packages that cover the entirety of that scope,” JFrog researchers Andrey Polkovnychenko and Shachar Menashe said in a new report.”

Recent Posts

June 10, 2022

Title: Bizarre Ransomware Sells Decryptor on Roblox Game Pass Store Date Published: June 9, 2022 Excerpt: “A new ransomware is taking the unusual approach of...

June 9, 2022

Title: New Symbiote Malware Infects all Running Processes on Linux Systems Date Published: June 9, 2022 Excerpt: “A newly discovered Linux malware known...

June 8, 2022

Title: Surfshark, ExpressVPN pull out of India Over Data Retention Laws Date Published: June 7, 2022 Excerpt: “Surfshark announced today they are shutting down...

June 6, 2022

Title: Italian City of Palermo Shuts Down all Systems to Fend off Cyberattack Date Published: June 6, 2022 Excerpt: “The municipality of Palermo in...

June 3, 2022

Title: Critical Atlassian Confluence Zero-Day Actively Used in Attack Date Published: June 2, 2022 Excerpt: “Hackers are actively exploiting a new Atlassian...

June 2, 2022

Title: Conti Ransomware Targeted Intel Firmware for Stealthy Attacks Date Published: June 2, 2022 Excerpt: “Researchers analyzing the leaked chats of the...

June 1, 2022

Title: Ransomware Attacks Need Less Than Four Days to Encrypt Systems Date Published: June 1, 2022 Excerpt: “The duration of ransomware attacks in 2021...