March 4, 2022

Fortify Security Team

Title: NY OAG Warns T-Mobile Data Breach Victims of Identity Theft Risks
Date Published: March 4, 2022

https://www.bleepingcomputer.com/news/security/ny-oag-warns-t-mobile-data-breach-victims-of-identity-theft-risks/

Excerpt: “The New York State Office of the Attorney General (NY OAG) warned victims of the August 2021 T-Mobile data breach that they faced identity theft risks after some of the stolen information ended up for sale on the dark web. The alert comes after individuals impacted in the incident were notified by identity theft protection services that their info was found online, demonstrating that affected consumers are now at heightened risk for identity theft.”

Title: Avast Released a Free Decryptor for the HermeticRansom that hit Ukraine
Date Published: March 3, 2022

https://securityaffairs.co/wordpress/128652/breaking-news/free-decryptor-hermeticransom-ukraine.html

Excerpt: “Avast has released a free decryptor for the HermeticRansom ransomware employed in targeted attacks against Ukrainian systems since February 23. The security firms aim at helping Ukrainians victims in recovering their file for free. The HermeticRansomware was one of the three components involved in disruptive attacks detailed by ESET researchers:”

Title: Russia Leaks Data From a Thousand Cuts–Podcast
Date Published: March 3, 2022

https://threatpost.com/russia-leaks-data-thousand-cuts-podcast/178749/

Excerpt: “Information about nuclear plants and air force capabilities. Conti ransomware gang crooks conjecturing that the National Security Agency (NSA) was maybe behind the mysterious, months-long TrickBot lull. Doxxed data about 120K Russian soldiers. Those are just some of the sensitive, valuable data that’s being hacked out of Russia in the cyber war zone – a war that erupted even before the country invaded Ukraine.”

Title: Perennial Security Challenges Hampering Organizations in Achieving their Security Objectives
Date Published: March 4, 2022

https://www.helpnetsecurity.com/2022/03/04/organizations-security-objectives/

Excerpt: “Arctic Wolf published a report, providing insight into the current and future state of cybersecurity teams as they attempt to move their security programs forward while dealing with an ever-evolving threat environment. The report is based on findings from a recent global survey of more than 300 global security leaders. The research findings show that a multitude of perennial security challenges continue to hamper organizations in accomplishing their security objectives in 2022.”

Title: Conti Gang Members Fretted Over Putin’s Ukraine Invasion
Date Published: March 3, 2022

https://www.bankinfosecurity.com/conti-gang-members-fretted-over-putins-ukraine-invasion-a-18652

Excerpt: “One question that’s been floating around is if Russia, already mired in a ground war in Ukraine, would use its offensive cyber capabilities against the West. And even, perhaps, nudge ransomware gangs into doing its bidding. It appears two Russian members of one ransomware gang, Conti, were indeed concerned about the war and its potential to influence and disrupt their lucrative extortion racket.”

Title: New Security Vulnerability Affects Thousands of GitLab Instances
Date Published: March 3, 2022

https://thehackernews.com/2022/03/new-security-vulnerability-affects.html

Excerpt: “Researchers have disclosed details of a now-patched security vulnerability in GitLab, an open-source DevOps software, that could potentially allow a remote, unauthenticated attacker to recover user-related information. Tracked as CVE-2021-4191 (CVSS score: 5.3), the medium-severity flaw affects all versions of GitLab Community Edition and Enterprise Edition starting from 13.0 and all versions starting from 14.4 and prior to 14.8.”

Title: Medical Device Disclosures on the Rise, but Providers Struggle to Patch Known Flaws
Date Published: March 3, 2022

https://www.scmagazine.com/analysis/patch-management/medical-device-disclosures-on-the-rise-but-providers-struggle-to-patch-known-flaws

Excerpt: “Recent Claroty research shows that the number of vulnerability disclosures, including those for medical devices, are on the rise. However, patch management struggles may be impeding that progress. As seen with new Palo Alto research on infusion pump vulnerabilities, the majority of these devices are operating with known flaws. The two reports impart the continued challenges to securing medical devices in the healthcare environment: the continued chasm between responsible disclosures and providers’ ability to close known security gaps.”

Title: CISA Warns Organizations to Patch 95 Actively Exploited Bugs
Date Published: March 4, 2022

https://www.bleepingcomputer.com/news/security/cisa-warns-organizations-to-patch-95-actively-exploited-bugs/

Excerpt: “The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 95 vulnerabilities to its list of actively exploited security issues, the largest number since issuing the binding operational directive (BOD) last year.”

Title: Russia-Ukraine, Who Are the Soldiers that Crowd Cyberspace?
Date Published: March 4, 2022

https://securityaffairs.co/wordpress/128659/cyber-warfare-2/russia-ukraine-battlefield.html

Excerpt: “The analysis of the current scenario in cyberspace is not easy due to the presence of multiple threat actors and the difficulty of attributing the attacks. Security group CyberKnow shared an interesting analysis about the group, their operations and the channels they are using to disclose their operations.”

Title: Both Sides in Russia-Ukraine War Heavily Using Telegram for Disinformation and Hacktivism
Date Published: March 4, 2022

https://thehackernews.com/2022/03/both-sides-in-russia-ukraine-war.html

Excerpt: “Cyber criminals and hacktivist groups are increasingly using the Telegram messaging app for their activities, as the Russia-Ukraine conflict enters its eighth day. A new analysis by Israeli cybersecurity company Check Point Research has found that “user volume grew a hundred folds daily on Telegram related groups, peaking at 200,000 per group.” Prominent among the groups are anti-Russian cyber attack groups, including the Ukraine government-backed IT Army, which has urged its more 270,000 members to conduct distributed denial-of-service (DDoS) attacks against Russian entities.”
