May 31, 2022

Fortify Security Team

Title: Microsoft Shares Mitigation for Office Zero-Day Exploited in Attacks
Date Published: May 31, 2022

https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-mitigation-for-office-zero-day-exploited-in-attacks/

Excerpt: “Microsoft has shared mitigation measures to block attacks exploiting a newly discovered Microsoft Office zero-day flaw abused in the wild to execute malicious code remotely. The bug is a Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution vulnerability reported by crazyman of the Shadow Chaser Group.”

Title: Experts Warn of Ransomware Attacks Against Government Organizations of Small States
Date Published: May 31, 2022

https://securityaffairs.co/wordpress/131816/malware/ransomware-attacks-small-states-q2-2022.html

Excerpt: “Cyber Research Labs observed a rise in ransomware attacks in the second quarter of 2022, some of them with a severe impact on the victims, such as the attack that hit the Costa Rican government that caused a nationwide crisis. The experts warn of ransomware attacks against government organizations. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022.”

Title: ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats
Date Published: May 31, 2022

https://threatpost.com/chromeloader-hijacker-threats/179761/

Excerpt: “ChromeLoader may seem on the surface like a run-of-the-mill browser hijacker that merely redirects victims to advertisement websites. However, its use of PowerShell could pose a greater risk by leading to further and advanced malicious activity, such as the propagation of ransomware or spyware or theft of browser-session data. Researchers are warning of the potential for ChromeLoader—which has seen a resurgence in activity recently—to pose a more sophisticated threat than typical malvertisers do, according to two separate blog posts by Malwarebytes Labs and Red Canary.”

Title: $39.5 Billion Lost to Phone Scams in Last Year
Date Published: May 30, 2022

https://www.helpnetsecurity.com/2022/05/30/spam-phone-scams-impact/

Excerpt: “Truecaller announced a research conducted in partnership with The Harris Poll in March of 2022, and the findings detail trends/insights on the impact of spam and phone scams that have increasingly permeated the U.S. over the last 12 months. The study estimates that a staggering $39.5 billion was lost to phone scams this past year, which is the highest number recorded since Truecaller began researching scam and spam calls in the U.S. eight years ago.”

Title: CISA Adds 75 Flaws to Known Vulnerability Catalog in 3 Days
Date Published: May 30, 2022

https://www.bankinfosecurity.com/cisa-adds-75-flaws-to-known-vulnerability-catalog-in-3-days-a-19170

Excerpt: “The U.S. Cybersecurity and Infrastructure Security Agency added 75 flaws to its catalog of known exploited software vulnerabilities. The vulnerabilities were disclosed as part of three separate batches on three consecutive days – it released batches of 21, 20 and 34 vulnerabilities on Monday, Tuesday and Wednesday respectively. The known exploited vulnerability catalog requires federal civilian agencies to patch vulnerabilities known to be actively exploited in the wild.”

Title: Latest Mobile Malware Report Suggests On-Device Fraud is on the Rise
Date Published: May 31, 2022

https://thehackernews.com/2022/05/latest-mobile-malware-report-suggests.html

Excerpt: “An analysis of the mobile threat landscape in 2022 shows that Spain and Turkey are the most targeted countries for malware campaigns, even as a mix of new and existing banking trojans are increasingly targeting Android devices to conduct on-device fraud (ODF). Other frequently targeted countries include Poland, Australia, the U.S., Germany, the U.K., Italy, France, and Portugal.”

Title: Russia Nixes US Charges Against REvil Defendants as Cooperation Fizzles
Date Published: May 31, 2022

https://www.scmagazine.com/analysis/ransomware/russia-nixes-us-charges-against-revil-defendants-as-cooperation-fizzles

Excerpt: “Blaming the United States for a lack of cooperation, Russia will not charge the defendants in the REvil case with any attacks on Americans or American businesses, according to Russian media reports last week. Whatever progress the United States had made under the Biden administration in encouraging Moscow to address its harboring of cybercriminals appears to be at a standstill.”

Title: Vodafone Plans Carrier-Level User Tracking for Targeted Ads
Date Published: May 30, 2022

https://www.bleepingcomputer.com/news/security/vodafone-plans-carrier-level-user-tracking-for-targeted-ads/

Excerpt: “Vodafone is piloting a new advertising ID system called TrustPid, which will work as a persistent user tracker at the mobile Internet Service Provider (ISP) level. The new system is in test phase in Germany and is intended to be impossible to bypass from within the web browser settings or through cookie blocking or IP address masking.”

Title: Three Nigerian Men Arrested in INTERPOL Operation Killer Bee
Date Published: May 30, 2022

https://securityaffairs.co/wordpress/131811/cyber-crime/three-nigerians-arrested-by-interpol.html

Excerpt: “Interpol arrested 3 Nigerian men in Lagos, as part of an international operation codenamed Killer Bee. The three men are suspected of using the Agent Tesla RAT to reroute financial transactions and steal confidential details from corporate organizations. The suspects, aged between 31 and 38, the police found them in possession of fake documents, including fraudulent invoices and forged official letters.”

Title: EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities
Date Published: May 30, 2022

https://thehackernews.com/2022/05/enemybot-linux-botnet-now-exploits-web.html

Excerpt: “A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems (CMS).”
