June 9, 2022

Fortify Security Team
Title: New Symbiote Malware Infects all Running Processes on Linux Systems

Date Published: June 9, 2022


Excerpt: “A newly discovered Linux malware known as Symbiote infects all running processes on compromised systems, steals account credentials, and gives its operators backdoor access. After injecting itself into all running processes, the malware acts as a system-wide parasite, leaving no identifiable signs of infection even during meticulous in-depth inspections.”

Title: New Emotet Variant uses a Module to Steal Data from Google Chrome

Date Published: June 9, 2022


Excerpt: “Proofpoint researchers reported a new wave of Emotet infections, in particular, a new variant is using a new info-stealing module used to siphon credit card information stored in the Chrome browser.
Once the card data were gathered, the module exfiltrates it to C2 servers that are different from the loader module.”

Title: Healthcare is Most Likely to Pay the Ransom

Date Published: June 9, 2022


Excerpt: “Sophos has published a sectoral survey report which reveals a 94% increase in ransomware attacks on the organizations surveyed in the healthcare sector. In 2021, 66% of healthcare organizations were hit; 34% were hit the previous year. The silver lining, however, is that healthcare organizations are getting better at dealing with the aftermath of ransomware attacks, according to the survey data. The report shows that 99% of those healthcare organizations hit by ransomware got at least some of their data back after cybercriminals encrypted it during the attacks.”

Title: Even the Most Advanced Threats Rely on Unpatched Systems

Date Published: June 9, 2022


Excerpt: “Common cybercriminals are a menace, there’s no doubt about it – from bedroom hackers through to ransomware groups, cybercriminals are causing a lot of damage. But both the tools used and the threat posed by common cybercriminals pale in comparison to the tools used by more professional groups such as the famous hacking groups and state-sponsored groups.”

Title: NSA Cyber Chief says There has Been ‘Enormous’ Amount of Hacking in Ukraine War

Date Published: June 8, 2022


Excerpt: “From the outset of the Russia-Ukraine war, the global cybersecurity community has debated why we haven’t seen the sort of regular, spectacular cyberattacks that many were predicting. The possible explanations were numerous. Some have cited the maturity of Ukraine’s cybersecurity. Others have offered reminders that public visibility around such attacks is always poor in the immediate aftermath, particularly in the midst of a war zone, or attempted to tie the lack of observable activity to more general criticisms of Russian military incompetence.”

Title: Dark Web Sites Selling Western Weapons Allegedly Sent to Ukraine

Date Published: June 9, 2022


Excerpt: “Several weapon marketplaces on the dark web have listed military-grade firearms allegedly coming from Western countries that sent them to support the Ukrainian army in its fight against the Russian invaders. Supposedly, these weapons were somehow put aside from the received supplies and are now being made available to terrorists looking to buy rocket launchers and other high-impact attack systems.”

Title: Tainted CCleaner Pro Cracker Spreads via Black SEO Campaign

Date Published: June 9, 2022


Excerpt: “Researchers from Avast have uncovered a malware campaign, tracked as FakeCrack, spreading through the search results for a pirated copy of the CCleaner Pro Windows optimization program. The researchers pointed out that operators behind the campaign used a large infrastructure to deliver an info-stealing malware and harvest sensitive data, including crypto assets, from the victims. Avast revealed to have prevented the infection of roughly 10,000 users daily, most of them located in Brazil, India, Indonesia, and France.”

Title: Barely One-Third of IT Pros can Vet Code for Tampering

Date Published: June 8, 2022


Excerpt: “Global research commissioned by ReversingLabs and conducted by Dimensional Research, revealed that software development teams are increasingly concerned about supply chain attacks and tampering, but barely a third said they can effectively vet the security of developed and published code for tampering.”

Title: A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia

Date Published: June 9, 2022


Excerpt: “A previously undocumented Chinese-speaking advanced persistent threat (APT) actor dubbed Aoqin Dragon has been linked to a string of espionage-oriented attacks aimed at government, education, and telecom entities chiefly in Southeast Asia and Australia dating as far back as 2013.”

Title: Massive Facebook Messenger Phishing Operation Generates Millions

Date Published: June 8, 2022


Excerpt: “Researchers have uncovered a large-scale phishing operation that abused Facebook and Messenger to lure millions of users to phishing pages, tricking them into entering their account credentials and seeing advertisements. The campaign operators used these stolen accounts to send further phishing messages to their friends, generating significant revenue via online advertising commissions.”
