May 6, 2022

Fortify Security Team

Title: Google Docs Crashes on Seeing “And. And. And. And. And.”
Date Published: May 6, 2022

Excerpt: “A bug in Google Docs is causing it to crash when a series of words are typed into a document opened with the online word processor. Once crashed, you may not be able to easily re-access the document as doing so would trigger the crash again. BleepingComputer was able to reproduce the issue last night and reached out to Google.”

Title: Vulnerable Docker Installations Are A Playhouse for Malware Attacks
Date Published: May 6, 2022

Excerpt: “The Uptycs Threat Research team has identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API port 2375. The attacks are related to crypto miners and reverse shells on the vulnerable servers using base64-encoded commands in the cmdline, built to evade defense mechanisms. This article briefly discusses three types of attacks which we observed lately in our Docker honeypot.”

Title: USB-based Wormable Malware Targets Windows Installer
Date Published: May 6, 2022

Excerpt: “Wormable malware dubbed Raspberry Robin has been active since last September and is wriggling its way through USB drives onto Windows machines to use Microsoft Standard Installer and other legitimate processes to install malicious files, researchers have found.”

Title: Hackers Using PrivateLoader PPI Service to Distribute New NetDooka Malware
Date Published: May 6, 2022

Excerpt: “A pay-per-install (PPI) malware service known as PrivateLoader has been spotted distributing a “fairly sophisticated” framework called NetDooka, granting attackers complete control over the infected devices.

“The framework is distributed via a pay-per-install (PPI) service and contains multiple parts, including a loader, a dropper, a protection driver, and a full-featured remote access trojan (RAT) that implements its own network communication protocol,” Trend Micro said in a report published Thursday.”

Title: DHS Board Reignites Debate on Proper Role of Feds When Fighting Disinformation
Date Published: May 6, 2022

Excerpt: “A top Republican on the House Homeland Security’s Committee is pressing the Department of Homeland Security for more information about the scope and authorities of a recently stood-up disinformation group. In a letter dated May 4, Rep. Andrew Garbarino, R-N.Y., said he had “serious privacy and civil liberties concerns” with the recently announced Disinformation Governance Board at DHS and asks Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, for more information on its makeup and authorities.”

Title: SheetJS Ditches NPM Registry Over 2FA Requirement and ‘Legal Matters’
Date Published: May 6, 2022

Excerpt: “In a surprising move, the popular open source project, SheetJS aka “xlsx,” has dropped support for the npm registry. Downloaded about 1.4 million times weekly on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets using nothing but JavaScript. The project’s maintainer suggests that the decision to pull out of the npm registry is based on the newly introduced two-factor requirements for top projects, GitHub’s abrupt decision-making, and ongoing ‘legal matters’ between SheetJS and npm.”

Title: Ukraine IT Army Hit EGAIS Portal Impacting Russia’s Alcohol Distribution
Date Published: May 6, 2022

Excerpt: “The collective of hacktivists Ukraine IT Army has launched a series of massive DDoS attacks on the Unified State Automated Alcohol Accounting Information System (EGAIS) portal, which is considered crucial for alcohol distribution in Russia. “Producers and distributors of alcohol for the first May holidays could not ship products to their customers due to a large-scale failure in the operation of the Unified State Automated Alcohol Accounting Information System (EGAIS). This was reported to Vedomosti by four participants in this market, a representative of a large retailer and an employee of a specialized association.” reported Vedomosti “Apparently, we are talking about DDoS attacks.” Alcohol producers and distributors were not able to ship products due to the unavailability of EGAIS system, and retail points warned of possible shortages due to the current situation.”

Title: Nothing personal: Training Employees to Identify a Spear Phishing Attack
Date Published: May 6, 2022

Excerpt: “Phishing attacks began years ago as simple spam, designed to trick recipients into visiting sites and becoming customers. In the meantime, they have morphed into a worldwide criminal industry. In recent years, threat actors have refined their methods of phishing, becoming increasingly more sophisticated as people have become wise to the traditional, obvious and unrealistic emails, which now often trigger suspicion.”

Title: Experts Uncover New Espionage Attacks by Chinese ‘Mustang Panda’ Hackers
Date Published: May 6, 2022

Excerpt: “The China-based threat actor known as Mustang Panda has been observed refining and retooling its tactics and malware to strike entities located in Asia, the European Union, Russia, and the U.S. “Mustang Panda is a highly motivated APT group relying primarily on the use of topical lures and social engineering to trick victims into infecting themselves,” Cisco Talos said in a new report detailing the group’s evolving modus operandi.”

Title: New Framework Aims to Secure Digital Health Apps not Covered by HIPAA
Date Published: May 5, 2022

Excerpt: “A new framework developed and released by several healthcare stakeholder groups takes aim at securing digital health technologies and mobile health apps, the vast majority of which fall outside of The Health Insurance Portability and Accountability Act regulation. Developed in partnership between The American College of Physicians, the American Telemedicine Association, and the Organization for the Review of Care and Health Applications, the U.S. framework is meant to support both healthcare professionals and consumers.”
