June 10, 2022

Fortify Security Team
Jun 10, 2022

Title: Bizarre Ransomware Sells Decryptor on Roblox Game Pass Store
Date Published: June 9, 2022


Excerpt: “A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service’s in-game Robux currency. Roblox is an online kids gaming platform where members can create their own games and monetize them by selling Game Passes, which provide in-game items, special access, or enhanced features.”

Title: Vice Society Ransomware Gang Adds the Italian City of Palermo to its Data Leak Site
Date Published: June 10, 2022


Excerpt: “The Vice Society ransomware group has claimed responsibility for the recent cyber attack that hit the city of Palermo in the South of Italy. In response to the security breach, the IT infrastructure of the city was shut down. The attack took place on June 02 and the outage caused severe problems to the citizens. Sispi (Palermo Innovazione System), which is the municipal company that is responsible for the technical management of the municipal IT and telematic system of the Municipality of Palermo, confirmed the ransomware attack a few days later, but at this time it doesn’t confirm the data breach.”

Title: Feds Forced Travel Firms to Share Surveillance Data on Hacker
Date Published: June 9, 2022


Excerpt: “The U.S. government ordered two travel companies to provide information about the movement of a Russian citizen suspected of hacking. The surveillance data was used as part of an investigation by the U.S. Secret Service, according to court documents recently unsealed. The revelation of the extent of surveillance that the feds ordered companies to do in a 2015 investigation of Russian hacker Aleksei Burkov once again raises questions of privacy, accountability and responsibility in terms of how much access the government should have to an individual’s private data.”

Title: Researchers Unearth Highly Evasive “Parasitic” Linux Malware
Date Published: June 10, 2022


Excerpt: “Security researchers at Intezer and BlackBerry have documented Symbiote, a wholly unique, multi-purpose piece of Linux malware that is nearly impossible to detect. “What makes Symbiote different from other Linux malware that we usually come across, is that it needs to infect other running processes to inflict damage on infected machines. Instead of being a standalone executable file that is run to infect a machine, it is a shared object (SO) library that is loaded into all running processes using LD_PRELOAD (T1574.006), and parasitically infects the machine,” the researchers pointed out.”

Title: Researchers Detail How Cyber Criminals Targeting Cryptocurrency Users
Date Published: June 10, 2022


Excerpt: “Cybercriminals are impersonating popular crypto platforms such as Binance, Celo, and Trust Wallet with spoofed emails and fake login pages in an attempt to steal login details and deceptively transfer virtual funds. “As cryptocurrency and non-fungible tokens (NFTs) become more mainstream, and capture headlines for their volatility, there is a greater likelihood of more individuals falling victim to fraud attempting to exploit people for digital currencies,” Proofpoint said in a new report.”

Title: Since 2004, the Average American has had At Least 7 Data Breaches
Date Published: June 9, 2022


Excerpt: “U.S. citizens face the greatest number of cyber threats as compared with people in other nations worldwide, according to a recent study by IT security company Surfshark. After reviewing nearly two decades of data regarding cyber incidents, Surfshark found that the average American had been affected by at least seven data breaches since 2004. U.S. citizens have faced an estimated 2.3 billion account compromises, while Russia comes second with 2.2 billion accounts of cyberattacks, followed by China, Germany and France.”

Title: Design Weakness Discovered in Apple M1 Kernel Protections
Date Published: June 10, 2022


Excerpt: “Security researchers today released details about a new attack they designed against Apple’s M1 processor chip that can undermine a key security feature that protects the operating system (OS) kernel from memory corruption attacks. Dubbed PACMAN, the proof-of-concept attack targets ARM Pointer Authentication, a processor hardware feature that’s used as a last line of defense against software bugs that can be leveraged to corrupt the content of a memory location, hijack the execution flow of a running program, and ultimately gain complete control of the system.”

Title: Microsoft Defender now Isolates Hacked, Unmanaged Windows Devices
Date Published: June 9, 2022


Excerpt: “Microsoft has announced a new feature for Microsoft Defender for Endpoint (MDE) to help organizations prevent attackers and malware from using compromised unmanaged devices to move laterally through the network. This new feature allows admins to “contain” unmanaged Windows devices on their network if they were compromised or are suspected to be compromised.”

Title: New Emotet Variant Uses a Module to Steal Data from Google Chrome
Date Published: June 9, 2022


Excerpt: “Proofpoint researchers reported a new wave of Emotet infections, in particular, a new variant is using a new info-stealing module used to siphon credit card information stored in the Chrome browser. Once the card data were gathered, the module exfiltrates it to C2 servers that are different from the loader module.”

Title: New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing
Date Published: June 9, 2022


Excerpt: “A newly designed privacy-sensitive architecture aims to enable developers to create smart home apps in a manner that addresses data sharing concerns and puts users in control over their personal information. Dubbed Peekaboo by researchers from Carnegie Mellon University, the system “leverages an in-home hub to pre-process and minimize outgoing data in a structured and enforceable manner before sending it to external cloud servers.””
