June 10, 2022

Fortify Security Team

Title: Bizarre Ransomware Sells Decryptor on Roblox Game Pass Store
Date Published: June 9, 2022


Excerpt: “A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service’s in-game Robux currency. Roblox is an online kids gaming platform where members can create their own games and monetize them by selling Game Passes, which provide in-game items, special access, or enhanced features.”

Title: Vice Society Ransomware Gang Adds the Italian City of Palermo to its Data Leak Site
Date Published: June 10, 2022


Excerpt: “The Vice Society ransomware group has claimed responsibility for the recent cyber attack that hit the city of Palermo in the South of Italy. In response to the security breach, the IT infrastructure of the city was shut down. The attack took place on June 02 and the outage caused severe problems to the citizens. Sispi (Palermo Innovazione System), which is the municipal company that is responsible for the technical management of the municipal IT and telematic system of the Municipality of Palermo, confirmed the ransomware attack a few days later, but at this time it doesn’t confirm the data breach.”

Title: Feds Forced Travel Firms to Share Surveillance Data on Hacker
Date Published: June 9, 2022


Excerpt: “The U.S. government ordered two travel companies to provide information about the movement of a Russian citizen suspected of hacking. The surveillance data was used as part of an investigation by the U.S. Secret Service, according to court documents recently unsealed. The revelation of the extent of surveillance that the feds ordered companies to do in a 2015 investigation of Russian hacker Aleksei Burkov once again raises questions of privacy, accountability and responsibility in terms of how much access the government should have to an individual’s private data.”

Title: Researchers Unearth Highly Evasive “Parasitic” Linux Malware
Date Published: June 10, 2022


Excerpt: “Security researchers at Intezer and BlackBerry have documented Symbiote, a wholly unique, multi-purpose piece of Linux malware that is nearly impossible to detect. “What makes Symbiote different from other Linux malware that we usually come across, is that it needs to infect other running processes to inflict damage on infected machines. Instead of being a standalone executable file that is run to infect a machine, it is a shared object (SO) library that is loaded into all running processes using LD_PRELOAD (T1574.006), and parasitically infects the machine,” the researchers pointed out.”

Title: Researchers Detail How Cyber Criminals Targeting Cryptocurrency Users
Date Published: June 10, 2022


Excerpt: “Cybercriminals are impersonating popular crypto platforms such as Binance, Celo, and Trust Wallet with spoofed emails and fake login pages in an attempt to steal login details and deceptively transfer virtual funds. “As cryptocurrency and non-fungible tokens (NFTs) become more mainstream, and capture headlines for their volatility, there is a greater likelihood of more individuals falling victim to fraud attempting to exploit people for digital currencies,” Proofpoint said in a new report.”

Title: Since 2004, the Average American has had At Least 7 Data Breaches
Date Published: June 9, 2022


Excerpt: “U.S. citizens face the greatest number of cyber threats as compared with people in other nations worldwide, according to a recent study by IT security company Surfshark. After reviewing nearly two decades of data regarding cyber incidents, Surfshark found that the average American had been affected by at least seven data breaches since 2004. U.S. citizens have faced an estimated 2.3 billion account compromises, while Russia comes second with 2.2 billion accounts of cyberattacks, followed by China, Germany and France.”

Title: Design Weakness Discovered in Apple M1 Kernel Protections
Date Published: June 10, 2022


Excerpt: “Security researchers today released details about a new attack they designed against Apple’s M1 processor chip that can undermine a key security feature that protects the operating system (OS) kernel from memory corruption attacks. Dubbed PACMAN, the proof-of-concept attack targets ARM Pointer Authentication, a processor hardware feature that’s used as a last line of defense against software bugs that can be leveraged to corrupt the content of a memory location, hijack the execution flow of a running program, and ultimately gain complete control of the system.”

Title: Microsoft Defender now Isolates Hacked, Unmanaged Windows Devices
Date Published: June 9, 2022


Excerpt: “Microsoft has announced a new feature for Microsoft Defender for Endpoint (MDE) to help organizations prevent attackers and malware from using compromised unmanaged devices to move laterally through the network. This new feature allows admins to “contain” unmanaged Windows devices on their network if they were compromised or are suspected to be compromised.”

Title: New Emotet Variant Uses a Module to Steal Data from Google Chrome
Date Published: June 9, 2022


Excerpt: “Proofpoint researchers reported a new wave of Emotet infections, in particular, a new variant is using a new info-stealing module used to siphon credit card information stored in the Chrome browser. Once the card data were gathered, the module exfiltrates it to C2 servers that are different from the loader module.”

Title: New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing
Date Published: June 9, 2022


Excerpt: “A newly designed privacy-sensitive architecture aims to enable developers to create smart home apps in a manner that addresses data sharing concerns and puts users in control over their personal information. Dubbed Peekaboo by researchers from Carnegie Mellon University, the system “leverages an in-home hub to pre-process and minimize outgoing data in a structured and enforceable manner before sending it to external cloud servers.””
