June 9, 2022

Fortify Security Team
Title: New Symbiote Malware Infects all Running Processes on Linux Systems

Date Published: June 9, 2022

https://www.bleepingcomputer.com/news/security/new-symbiote-malware-infects-all-running-processes-on-linux-systems/

Excerpt: “A newly discovered Linux malware known as Symbiote infects all running processes on compromised systems, steals account credentials, and gives its operators backdoor access. After injecting itself into all running processes, the malware acts as a system-wide parasite, leaving no identifiable signs of infection even during meticulous in-depth inspections.”

Title: New Emotet Variant uses a Module to Steal Data from Google Chrome

Date Published: June 9, 2022

https://securityaffairs.co/wordpress/132090/cyber-crime/emotet-google-chrome-info-stealer.html

Excerpt: “Proofpoint researchers reported a new wave of Emotet infections, in particular, a new variant is using a new info-stealing module used to siphon credit card information stored in the Chrome browser. Once the card data were gathered, the module exfiltrates it to C2 servers that are different from the loader module.”

Title: Healthcare is Most Likely to Pay the Ransom

Date Published: June 9, 2022

https://www.helpnetsecurity.com/2022/06/09/ransomware-attacks-healthcare-sector/

Excerpt: “Sophos has published a sectoral survey report which reveals a 94% increase in ransomware attacks on the organizations surveyed in the healthcare sector. In 2021, 66% of healthcare organizations were hit; 34% were hit the previous year. The silver lining, however, is that healthcare organizations are getting better at dealing with the aftermath of ransomware attacks, according to the survey data. The report shows that 99% of those healthcare organizations hit by ransomware got at least some of their data back after cybercriminals encrypted it during the attacks.”

Title: Even the Most Advanced Threats Rely on Unpatched Systems

Date Published: June 9, 2022

https://thehackernews.com/2022/06/even-most-advanced-threats-rely-on.html

Excerpt: “Common cybercriminals are a menace, there’s no doubt about it – from bedroom hackers through to ransomware groups, cybercriminals are causing a lot of damage. But both the tools used and the threat posed by common cybercriminals pale in comparison to the tools used by more professional groups such as the famous hacking groups and state-sponsored groups.”

Title: NSA Cyber Chief says There has Been ‘Enormous’ Amount of Hacking in Ukraine War

Date Published: June 8, 2022

https://www.scmagazine.com/analysis/rsac/nsa-cyber-chief-says-there-has-been-enormous-amount-of-hacking-in-ukraine-war

Excerpt: “From the outset of the Russia-Ukraine war, the global cybersecurity community has debated why we haven’t seen the sort of regular, spectacular cyberattacks that many were predicting. The possible explanations were numerous. Some have cited the maturity of Ukraine’s cybersecurity. Others have offered reminders that public visibility around such attacks is always poor in the immediate aftermath, particularly in the midst of a war zone, or attempted to tie the lack of observable activity to more general criticisms of Russian military incompetence.”

Title: Dark Web Sites Selling Western Weapons Allegedly Sent to Ukraine

Date Published: June 9, 2022

https://www.bleepingcomputer.com/news/security/dark-web-sites-selling-western-weapons-allegedly-sent-to-ukraine/

Excerpt: “Several weapon marketplaces on the dark web have listed military-grade firearms allegedly coming from Western countries that sent them to support the Ukrainian army in its fight against the Russian invaders. Supposedly, these weapons were somehow put aside from the received supplies and are now being made available to terrorists looking to buy rocket launchers and other high-impact attack systems.”

Title: Tainted CCleaner Pro Cracker Spreads via Black SEO Campaign

Date Published: June 9, 2022

https://securityaffairs.co/wordpress/132076/cyber-crime/ccleaner-black-seo-malware-fakecrack.html

Excerpt: “Researchers from Avast have uncovered a malware campaign, tracked as FakeCrack, spreading through the search results for a pirated copy of the CCleaner Pro Windows optimization program. The researchers pointed out that operators behind the campaign used a large infrastructure to deliver an info-stealing malware and harvest sensitive data, including crypto assets, from the victims. Avast revealed to have prevented the infection of roughly 10,000 users daily, most of them located in Brazil, India, Indonesia, and France.”

Title: Barely One-Third of IT Pros can Vet Code for Tampering

Date Published: June 8, 2022

https://www.helpnetsecurity.com/2022/06/08/software-supply-chain-attacks/

Excerpt: “Global research commissioned by ReversingLabs and conducted by Dimensional Research, revealed that software development teams are increasingly concerned about supply chain attacks and tampering, but barely a third said they can effectively vet the security of developed and published code for tampering.”

Title: A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia

Date Published: June 9, 2022

https://thehackernews.com/2022/06/a-decade-long-chinese-espionage.html

Excerpt: “A previously undocumented Chinese-speaking advanced persistent threat (APT) actor dubbed Aoqin Dragon has been linked to a string of espionage-oriented attacks aimed at government, education, and telecom entities chiefly in Southeast Asia and Australia dating as far back as 2013.”

Title: Massive Facebook Messenger Phishing Operation Generates Millions

Date Published: June 8, 2022

https://www.bleepingcomputer.com/news/security/massive-facebook-messenger-phishing-operation-generates-millions/

Excerpt: “Researchers have uncovered a large-scale phishing operation that abused Facebook and Messenger to lure millions of users to phishing pages, tricking them into entering their account credentials and seeing advertisements. The campaign operators used these stolen accounts to send further phishing messages to their friends, generating significant revenue via online advertising commissions.”
