May 31, 2022

Fortify Security Team

Title: Microsoft Shares Mitigation for Office Zero-Day Exploited in Attacks
Date Published: May 31, 2022

Excerpt: “Microsoft has shared mitigation measures to block attacks exploiting a newly discovered Microsoft Office zero-day flaw abused in the wild to execute malicious code remotely. The bug is a Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution vulnerability reported by crazyman of the Shadow Chaser Group.”

Title: Experts Warn of Ransomware Attacks Against Government Organizations of Small States
Date Published: May 31, 2022

Excerpt: “Cyber Research Labs observed a rise in ransomware attacks in the second quarter of 2022, some of them with a severe impact on the victims, such as the attack that hit the Costa Rican government that caused a nationwide crisis. The experts warn of ransomware attacks against government organizations. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022.”

Title: ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats
Date Published: May 31, 2022

Excerpt: “ChromeLoader may seem on the surface like a run-of-the-mill browser hijacker that merely redirects victims to advertisement websites. However, its use of PowerShell could pose a greater risk by leading to further and advanced malicious activity, such as the propagation of ransomware or spyware or theft of browser-session data. Researchers are warning of the potential for ChromeLoader—which has seen a resurgence in activity recently—to pose a more sophisticated threat than typical malvertisers do, according to two separate blog posts by Malwarebytes Labs and Red Canary.”

Title: $39.5 Billion Lost to Phone Scams in Last Year
Date Published: May 30, 2022

Excerpt: “Truecaller announced a research conducted in partnership with The Harris Poll in March of 2022, and the findings detail trends/insights on the impact of spam and phone scams that have increasingly permeated the U.S. over the last 12 months. The study estimates that a staggering $39.5 billion was lost to phone scams this past year, which is the highest number recorded since Truecaller began researching scam and spam calls in the U.S. eight years ago.”

Title: CISA Adds 75 Flaws to Known Vulnerability Catalog in 3 Days
Date Published: May 30, 2022

Excerpt: “The U.S. Cybersecurity and Infrastructure Security Agency added 75 flaws to its catalog of known exploited software vulnerabilities. The vulnerabilities were disclosed as part of three separate batches on three consecutive days – it released batches of 21, 20 and 34 vulnerabilities on Monday, Tuesday and Wednesday respectively. The known exploited vulnerability catalog requires federal civilian agencies to patch vulnerabilities known to be actively exploited in the wild.”

Title: Latest Mobile Malware Report Suggests On-Device Fraud is on the Rise
Date Published: May 31, 2022

Excerpt: “An analysis of the mobile threat landscape in 2022 shows that Spain and Turkey are the most targeted countries for malware campaigns, even as a mix of new and existing banking trojans are increasingly targeting Android devices to conduct on-device fraud (ODF). Other frequently targeted countries include Poland, Australia, the U.S., Germany, the U.K., Italy, France, and Portugal.”

Title: Russia Nixes US Charges Against REvil Defendants as Cooperation Fizzles
Date Published: May 31, 2022

Excerpt: “Blaming the United States for a lack of cooperation, Russia will not charge the defendants in the REvil case with any attacks on Americans or American businesses, according to Russian media reports last week. Whatever progress the United States had made under the Biden administration in encouraging Moscow to address its harboring of cybercriminals appears to be at a standstill.”

Title: Vodafone Plans Carrier-Level User Tracking for Targeted ads
Date Published: May 30, 2022

Excerpt: “Vodafone is piloting a new advertising ID system called TrustPid, which will work as a persistent user tracker at the mobile Internet Service Provider (ISP) level. The new system is in test phase in Germany and is intended to be impossible to bypass from within the web browser settings or through cookie blocking or IP address masking.”

Title: Three Nigerian Men Arrested in INTERPOL Operation Killer Bee
Date Published: May 30, 2022

Excerpt: “Interpol arrested 3 Nigerian men in Lagos, as part of an international operation codenamed Killer Bee. The three men are suspected of using the Agent Tesla RAT to reroute financial transactions and steal confidential details from corporate organizations. The suspects, aged between 31 and 38, the police found them in possession of fake documents, including fraudulent invoices and forged official letters.”

Title: EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities
Date Published: May 30, 2022

Excerpt: “A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems (CMS).”
