June 9, 2022

Fortify Security Team
Title: New Symbiote Malware Infects all Running Processes on Linux Systems

Date Published: June 9, 2022

https://www.bleepingcomputer.com/news/security/new-symbiote-malware-infects-all-running-processes-on-linux-systems/

Excerpt: “A newly discovered Linux malware known as Symbiote infects all running processes on compromised systems, steals account credentials, and gives its operators backdoor access. After injecting itself into all running processes, the malware acts as a system-wide parasite, leaving no identifiable signs of infection even during meticulous in-depth inspections.”

Title: New Emotet Variant uses a Module to Steal Data from Google Chrome

Date Published: June 9, 2022

https://securityaffairs.co/wordpress/132090/cyber-crime/emotet-google-chrome-info-stealer.html

Excerpt: “Proofpoint researchers reported a new wave of Emotet infections, in particular, a new variant is using a new info-stealing module used to siphon credit card information stored in the Chrome browser.
Once the card data were gathered, the module exfiltrates it to C2 servers that are different from the loader module.”

Title: Healthcare is Most Likely to Pay the Ransom

Date Published: June 9, 2022

https://www.helpnetsecurity.com/2022/06/09/ransomware-attacks-healthcare-sector/

Excerpt: “Sophos has published a sectoral survey report which reveals a 94% increase in ransomware attacks on the organizations surveyed in the healthcare sector. In 2021, 66% of healthcare organizations were hit; 34% were hit the previous year. The silver lining, however, is that healthcare organizations are getting better at dealing with the aftermath of ransomware attacks, according to the survey data. The report shows that 99% of those healthcare organizations hit by ransomware got at least some of their data back after cybercriminals encrypted it during the attacks.”

Title: Even the Most Advanced Threats Rely on Unpatched Systems

Date Published: June 9, 2022

https://thehackernews.com/2022/06/even-most-advanced-threats-rely-on.html

Excerpt: “Common cybercriminals are a menace, there’s no doubt about it – from bedroom hackers through to ransomware groups, cybercriminals are causing a lot of damage. But both the tools used and the threat posed by common cybercriminals pale in comparison to the tools used by more professional groups such as the famous hacking groups and state-sponsored groups.”

Title: NSA Cyber Chief says There has Been ‘Enormous’ Amount of Hacking in Ukraine War

Date Published: June 8, 2022

https://www.scmagazine.com/analysis/rsac/nsa-cyber-chief-says-there-has-been-enormous-amount-of-hacking-in-ukraine-war

Excerpt: “From the outset of the Russia-Ukraine war, the global cybersecurity community has debated why we haven’t seen the sort of regular, spectacular cyberattacks that many were predicting. The possible explanations were numerous. Some have cited the maturity of Ukraine’s cybersecurity. Others have offered reminders that public visibility around such attacks is always poor in the immediate aftermath, particularly in the midst of a war zone, or attempted to tie the lack of observable activity to more general criticisms of Russian military incompetence.”

Title: Dark Web Sites Selling Western Weapons Allegedly Sent to Ukraine

Date Published: June 9, 2022

https://www.bleepingcomputer.com/news/security/dark-web-sites-selling-western-weapons-allegedly-sent-to-ukraine/

Excerpt: “Several weapon marketplaces on the dark web have listed military-grade firearms allegedly coming from Western countries that sent them to support the Ukrainian army in its fight against the Russian invaders. Supposedly, these weapons were somehow put aside from the received supplies and are now being made available to terrorists looking to buy rocket launchers and other high-impact attack systems.”

Title: Tainted CCleaner Pro Cracker Spreads via Black SEO Campaign

Date Published: June 9, 2022

https://securityaffairs.co/wordpress/132076/cyber-crime/ccleaner-black-seo-malware-fakecrack.html

Excerpt: “Researchers from Avast have uncovered a malware campaign, tracked as FakeCrack, spreading through the search results for a pirated copy of the CCleaner Pro Windows optimization program. The researchers pointed out that operators behind the campaign used a large infrastructure to deliver an info-stealing malware and harvest sensitive data, including crypto assets, from the victims. Avast revealed to have prevented the infection of roughly 10,000 users daily, most of them located in Brazil, India, Indonesia, and France.”

Title: Barely One-Third of IT Pros can Vet Code for Tampering

Date Published: June 8, 2022

https://www.helpnetsecurity.com/2022/06/08/software-supply-chain-attacks/

Excerpt: “Global research commissioned by ReversingLabs and conducted by Dimensional Research, revealed that software development teams are increasingly concerned about supply chain attacks and tampering, but barely a third said they can effectively vet the security of developed and published code for tampering.”

Title: A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia

Date Published: June 9, 2022

https://thehackernews.com/2022/06/a-decade-long-chinese-espionage.html

Excerpt: “A previously undocumented Chinese-speaking advanced persistent threat (APT) actor dubbed Aoqin Dragon has been linked to a string of espionage-oriented attacks aimed at government, education, and telecom entities chiefly in Southeast Asia and Australia dating as far back as 2013.”

Title: Massive Facebook Messenger Phishing Operation Generates Millions

Date Published: June 8, 2022

https://www.bleepingcomputer.com/news/security/massive-facebook-messenger-phishing-operation-generates-millions/

Excerpt: “Researchers have uncovered a large-scale phishing operation that abused Facebook and Messenger to lure millions of users to phishing pages, tricking them into entering their account credentials and seeing advertisements. The campaign operators used these stolen accounts to send further phishing messages to their friends, generating significant revenue via online advertising commissions.”
