April 6, 2022

Fortify Security Team
Title: U.S. Sanctions Crypto-Exchange Garantex for Aiding Hydra Market

Date Published: April 6, 2022

https://www.bleepingcomputer.com/news/security/us-sanctions-crypto-exchange-garantex-for-aiding-hydra-market/

Excerpt: “Microsoft has removed a compatibility hold blocking Windows 11 upgrades for Windows 10 customers after fixing a known issue leading to problems importing Internet Explorer 11 (IE11) data into Microsoft Edge. The safeguard hold was applied for Windows 10 systems where IE11 was the main or the default browser. The only customers impacted by the now-fixed known issue were those who didn’t import their IE11 information into Microsoft Edge before starting the Windows 11 upgrade process.”

Title: Block Discloses Data Breach Involving Cash App Potentially Impacting 8.2 million US Customers

Date Published: April 6, 2022

https://securityaffairs.co/wordpress/129892/data-breach/block-cash-app-data-breach.html

Excerpt: “The data breach involved a former employee that downloaded some unspecified reports of its Cash App Investing app that contained some U.S. customer information. Cash App is an app that allows users to easily send money, spend money, save money, and buy cryptocurrency.”

Title: Attackers Spoof WhatsApp Voice-Message Alerts to Steal Info

Date Published: April 6, 2022

https://threatpost.com/attackers-whatsapp-voice-message/179244/

Excerpt: “Attackers are spoofing voice message notifications from WhatsApp in a malicious phishing campaign that uses a legitimate domain to spread an info-stealing malware, researchers have found. Researchers at cloud email security firm Armorblox discovered the malicious campaign targeting Office 365 and Google Workspace accounts using emails sent from domain associated with the Center for Road Safety, an entity believed to reside within the Moscow, Russia region. The site itself is legitimate, as it’s connected to the State Road Safety operations for Moscow and belongs to the Ministry of Internal Affairs of the Russian Federation, according to a blog post published Tuesday.”

Title: New Mirai-Based Campaign Targets Unpatched TOTOLINK Routers

Date Published: April 5, 2022

https://www.bankinfosecurity.com/new-mirai-based-campaign-targets-unpatched-totolink-routers-a-18840

Excerpt: “A new ongoing malware campaign is currently being conducted in the wild, targeting unpatched TOTOLINK routers. By leveraging a newly released exploit code, threat actors can potentially infect vulnerable devices, according to researchers at security firm FortiGuard Labs.”

Title: Hackers Distributing Fake Shopping Apps to Steal Banking Data of Malaysian Users

Date Published: April 6, 2022

https://thehackernews.com/2022/04/hackers-distributing-fake-shopping-apps.html

Excerpt: “Threat actors have been distributing malicious applications under the guise of seemingly harmless shopping apps to target customers of eight Malaysian banks since at least November 2021. The attacks involved setting up fraudulent but legitimate-looking websites to trick users into downloading the apps, Slovak cybersecurity firm ESET said in a report shared with The Hacker News.”

Title: Identity Fraud Skyrockets as Hackers Stick to Pre-Pandemic Techniques

Date Published: April 6, 2022

https://www.scmagazine.com/analysis/identity-and-access/identity-fraud-skyrockets-as-hackers-stick-to-pre-pandemic-techniques

Excerpt: “The more things change, the more they stay the same. That’s often true for financial cyberattacks, which have seen a steep rise in the impact of identity fraud, with criminals often sticking with or just reverting to “pre-pandemic” scams and techniques to steal sensitive data from financial firms and their customers, according to a recent report from Javelin Strategy & Research.”

Title: Australia Warns of Money Recovery Phishing Luring Past Victims

Date Published: April 5, 2022

https://www.bleepingcomputer.com/news/security/australia-warns-of-money-recovery-phishing-luring-past-victims/

Excerpt: “The Australian Competition & Consumer Commission is raising awareness about a spike in money recovery scams. The agency warns in an alert today that reports of money recovery scams this year have increased in Australia by 725% compared to the same period in 2021.”

Title: Russia-linked Armageddon APT targets Ukrainian State Organizations, CERT-UA Warns

Date Published: April 5, 2022

https://securityaffairs.co/wordpress/129859/apt/armageddon-apt-targets-ukrainian-state-orgs.html

Excerpt: “Ukraine CERT-UA published a security advisory to warn of spear-phishing attacks conducted by Russia-linked Armageddon APT (aka Gamaredon, Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) targeting local state organizations. The phishing messages have been sent from “[email protected][.]ua,” the campaign aims at infecting the target systems with malware.”

Title: OT-IT Integration Raises Risk for Water Providers, Experts Say

Date Published: April 5, 2022

https://www.bankinfosecurity.com/ot-it-integration-raises-risk-for-water-providers-experts-say-a-18841

Excerpt: “At a congressional hearing Tuesday, “Mobilizing Our Cyber Defenses: Securing Critical Infrastructure Against Russian Cyber Threats,” a water trade association urged the federal government to follow the lead of the electric sector and institute minimum cybersecurity standards for water systems.”

Title: Ukraine Warns of Cyber attack Aiming to Hack Users’ Telegram Messenger Accounts

Date Published: April 6, 2022

https://thehackernews.com/2022/04/ukraine-warns-of-cyber-attack-aiming-to.html

Excerpt: “Ukraine’s technical security and intelligence service is warning of a new wave of cyber attacks that are aimed at gaining access to users’ Telegram accounts. “The criminals sent messages with malicious links to the Telegram website in order to gain unauthorized access to the records, including the possibility to transfer a one-time code from SMS,” the State Service of Special Communication and Information Protection (SSSCIP) of Ukraine said in an alert.”
