May 6, 2022

Fortify Security Team

Title: Google Docs Crashes on Seeing “And. And. And. And. And.”
Date Published: May 6, 2022

Excerpt: “A bug in Google Docs is causing it to crash when a series of words are typed into a document opened with the online word processor. Once crashed, you may not be able to easily re-access the document as doing so would trigger the crash again. BleepingComputer was able to reproduce the issue last night and reached out to Google.”

Title: Vulnerable Docker Installations Are A Playhouse for Malware Attacks
Date Published: May 6, 2022

Excerpt: “The Uptycs Threat Research team has identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API port 2375. The attacks are related to crypto miners and reverse shells on the vulnerable servers using base64-encoded commands in the cmdline, built to evade defense mechanisms. This article briefly discusses three types of attacks which we observed lately in our Docker honeypot.”

Title: USB-based Wormable Malware Targets Windows Installer
Date Published: May 6, 2022

Excerpt: “Wormable malware dubbed Raspberry Robin has been active since last September and is wriggling its way through USB drives onto Windows machines to use Microsoft Standard Installer and other legitimate processes to install malicious files, researchers have found.”

Title: Hackers Using PrivateLoader PPI Service to Distribute New NetDooka Malware
Date Published: May 6, 2022

Excerpt: “A pay-per-install (PPI) malware service known as PrivateLoader has been spotted distributing a “fairly sophisticated” framework called NetDooka, granting attackers complete control over the infected devices.

“The framework is distributed via a pay-per-install (PPI) service and contains multiple parts, including a loader, a dropper, a protection driver, and a full-featured remote access trojan (RAT) that implements its own network communication protocol,” Trend Micro said in a report published Thursday.”

Title: DHS Board Reignites Debate on Proper Role of Feds When Fighting Disinformation
Date Published: May 6, 2022

Excerpt: “A top Republican on the House Homeland Security’s Committee is pressing the Department of Homeland Security for more information about the scope and authorities of a recently stood-up disinformation group. In a letter dated May 4, Rep. Andrew Garbarino, R-N.Y., said he had “serious privacy and civil liberties concerns” with the recently announced Disinformation Governance Board at DHS and asks Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, for more information on its makeup and authorities.”

Title: SheetJS Ditches NPM Registry Over 2FA Requirement and ‘Legal Matters’
Date Published: May 6, 2022

Excerpt: “In a surprising move, the popular open source project, SheetJS aka “xlsx,” has dropped support for the npm registry. Downloaded about 1.4 million times weekly on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets using nothing but JavaScript. The project’s maintainer suggests that the decision to pull out of the npm registry is based on the newly introduced two-factor requirements for top projects, GitHub’s abrupt decision-making, and ongoing ‘legal matters’ between SheetJS and npm.”

Title: Ukraine IT Army Hit EGAIS Portal Impacting Russia’s Alcohol Distribution
Date Published: May 6, 2022

Excerpt: “The collective of hacktivists Ukraine IT Army has launched a series of massive DDoS attacks on the Unified State Automated Alcohol Accounting Information System (EGAIS) portal, which is considered crucial for alcohol distribution in Russia. “Producers and distributors of alcohol for the first May holidays could not ship products to their customers due to a large-scale failure in the operation of the Unified State Automated Alcohol Accounting Information System (EGAIS). This was reported to Vedomosti by four participants in this market, a representative of a large retailer and an employee of a specialized association.” reported Vedomosti “Apparently, we are talking about DDoS attacks.” Alcohol producers and distributors were not able to ship products due to the unavailability of EGAIS system, and retail points warned of possible shortages due to the current situation.”

Title: Nothing personal: Training Employees to Identify a Spear Phishing Attack
Date Published: May 6, 2022

Excerpt: “Phishing attacks began years ago as simple spam, designed to trick recipients into visiting sites and becoming customers. In the meantime, they have morphed into a worldwide criminal industry. In recent years, threat actors have refined their methods of phishing, becoming increasingly more sophisticated as people have become wise to the traditional, obvious and unrealistic emails, which now often trigger suspicion.”

Title: Experts Uncover New Espionage Attacks by Chinese ‘Mustang Panda’ Hackers
Date Published: May 6, 2022

Excerpt: “The China-based threat actor known as Mustang Panda has been observed refining and retooling its tactics and malware to strike entities located in Asia, the European Union, Russia, and the U.S. “Mustang Panda is a highly motivated APT group relying primarily on the use of topical lures and social engineering to trick victims into infecting themselves,” Cisco Talos said in a new report detailing the group’s evolving modus operandi.”

Title: New Framework Aims to Secure Digital Health Apps not Covered by HIPAA
Date Published: May 5, 2022

Excerpt: “A new framework developed and released by several healthcare stakeholder groups takes aim at securing digital health technologies and mobile health apps, the vast majority of which fall outside of The Health Insurance Portability and Accountability Act regulation. Developed in partnership between The American College of Physicians, the American Telemedicine Association, and the Organization for the Review of Care and Health Applications, the U.S. framework is meant to support both healthcare professionals and consumers.”
