June 3, 2022

Fortify Security Team

Title: Critical Atlassian Confluence Zero-Day Actively Used in Attack
Date Published: June 2, 2022

https://www.bleepingcomputer.com/news/security/critical-atlassian-confluence-zero-day-actively-used-in-attacks/

Excerpt: “Hackers are actively exploiting a new Atlassian Confluence zero-day vulnerability tracked as CVE-2022-26134 to install web shells, with no fix available at this time. Today, Atlassian released a security advisory disclosing that CVE-2022-26134 is a critical unauthenticated, remote code execution vulnerability tracked in both Confluence Server and Data Center.”

Title: Microsoft Blocked Polonium Attacks Against Israeli Organizations
Date Published: June 3, 2022

https://securityaffairs.co/wordpress/131902/hacking/microsoft-blocked-polonium-attacks.html

Excerpt: “Microsoft announced to have blocked a series of attacks targeting Israeli organizations that have been conducted by a previously unknown Lebanon-based hacking group tracked as POLONIUM. POLONIUM has targeted or compromised more than 20 Israeli organizations and one intergovernmental organization with operations in Lebanon over the past three months. Since February, the attacks targeted organizations in critical manufacturing, IT, and Israel’s defense industry.”

Title: Evil Corp Pivots LockBit to Dodge U.S. Sanctions
Date Published: June 3, 2022

https://threatpost.com/evil-corp-pivots-to-lockbit-to-dodge-u-s-sanctions/179858/

Excerpt: “Evil Corp has shifted tactics once again, this time pivoting to LockBit ransomware after U.S. sanctions have made it difficult for the cybercriminal group to reap financial gain from its activity, researchers have found. Researchers from Mandiant Intelligence have been tracking a “financially motivated threat cluster” they’re calling UNC2165 that has numerous overlaps with Evil Corp and is highly likely the latest incarnation of the group.”

Title: US Confirms It Has Provided Cybersecurity Support to Ukraine
Date Published: June 2, 2022

https://www.bankinfosecurity.com/us-confirms-has-provided-cybersecurity-support-to-ukraine-a-19189

Excerpt: “The U.S. has conducted offensive cyber activities in support of Ukraine, Cyber Command Director Gen. Paul Nakasone reportedly said on Wednesday. He made the comments at the ongoing annual NATO Cooperative Cyber Defense Center of Excellence conference – CyCon.”

Title: Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network
Date Published: June 3, 2022

https://thehackernews.com/2022/06/researchers-uncover-malware-controlling.html

Excerpt: “The Parrot traffic direction system (TDS) that came to light earlier this year has had a larger impact than previously thought, according to new research. Sucuri, which has been tracking the same campaign since February 2019 under the name “NDSW/NDSX,” said that “the malware was one of the top infections” detected in 2021, accounting for more than 61,000 websites.”

Title: HHS Alerts to Ongoing Emotet Threat to the Healthcare Sector
Date Published: June 2, 2022

https://www.scmagazine.com/analysis/malware/hhs-alerts-to-ongoing-emotet-threat-to-the-healthcare-sector

Excerpt: “Trojans are the most common malware impacting computer systems in the healthcare sector, the most common of which is Emotet, according to a Department of Health and Human Services Cybersecurity Coordination Center alert containing mitigation strategies for the sector.”

Title: Phishers Having a Field Day on WhatsApp, Telegraph
Date Published: June 2, 2022

https://www.darkreading.com/application-security/phishers-field-day-whatsapp-telegraph

Excerpt: “Within just a few days of each other, researchers sounded the alarm about phishing campaigns against two popular, global messaging platforms, Telegraph and WhatsApp. Last week, Rahul Sasi, founder and CEO of CloudSEK, posted a warning on LinkedIn that WhatsApp accounts were being targeted by phishing attacks trying to trick users into placing a call to the number “**67*< 10 digit number > or *405* <10 digit number >”. Just a few minutes later, the device would log out of WhatsApp and the attacker would have full control of the account, Sasi added.”

Title: Top 10 Android Banking Trojans Target Apps with 1 Billion Downloads
Date Published: June 2, 2022

https://www.bleepingcomputer.com/news/security/top-10-android-banking-trojans-target-apps-with-1-billion-downloads/

Excerpt: “The ten most prolific Android mobile banking trojans target 639 financial applications that collectively have over one billion downloads on the Google Play Store. Mobile banking trojans hide behind seemingly benign apps like productivity tools and games and commonly sneak into the Google Play Store, Android’s official app store.”

Title: LockBit Ransomware Attack Impacted Production in a Mexican Foxconn Plant
Date Published: June 2, 2022

https://securityaffairs.co/wordpress/131891/cyber-crime/lockbit-ransomware-foxconn-plant-mexico.html

Excerpt: “The electronics manufacturing giant Foxconn confirmed that its production plant in Tijuana (Mexico) has been impacted by a ransomware attack in late May. The LockBit ransomware gang claimed responsibility for an attack and announced that it will release the stolen data by 11 June, 2022 18:01:00 if the company will not pay the ransom.”

Title: Language-based BEC Attacks Rising
Date Published: June 2, 2022

https://www.helpnetsecurity.com/2022/06/02/email-language-based-attacks/

Excerpt: “Armorblox released a report which highlights the use of language-based attacks that bypass existing email security controls. The report uncovers how the continued increase in remote work has made critical business workflows even more vulnerable to new forms of email-based attacks, often resulting in financial fraud or credential theft.”
