InfoSec News 20220412

  • Published: Tue, 12/04/2022 - 12:07

Top News


  • Anonymous Hits 3 Russian Entities, Leaks 400 GB Worth of Emails

"Anonymous has taken Operation OpRussia a step further by targeting Aerogas, Forest, and Petrovsky Fort, which happened to be giants in their respective industries."

Link

TLP1 : Green

  • Conti Ransomware group targets Panasonic Canada

"Panasonic Canada issued a public statement admitting a sophisticated cyber attack on its servers that occurred in February this year. The Japan-based company issued an apology for the incident and assured only its Canadian operations were affected by the malware attack."

Link

TLP1 : Green

  • Senior EU officials were targeted with Israeli spyware

"Senior officials at the European Commission were targeted last year with spy software designed by an Israeli surveillance firm, according to two EU officials and documentation reviewed by Reuters."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Google Sues Scammer for Running 'Puppy Fraud Scheme' Website

"Google on Monday disclosed that it's taking legal action against a nefarious actor who has been spotted operating fraudulent websites to defraud unsuspecting people into buying non-existent puppies."

Link

TLP1 : Green

  • Follow-Up: New Java Framework Vulnerability and Mitigations: Spring4Shell

"The Spring4Shell is a critical vulnerability that places executable code from the outside of the framework. It gained its name from the similarity with the infamous Log4Shell threat in the Spring Java framework. Spring4Shell came to light in early April, and researchers are already patching it."

Link

TLP1 : Green

  • Ukraine thwarts Sandworm cyberattack aimed at country’s energy facilities

"The Computer Emergency Response Team of Ukraine (CERT-UA) announced it disrupted cyberattacks carried out by the Russia-linked Sandworm advanced persistent threat group (APT) against Ukrainian critical energy infrastructure."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Calls to Banks Customer Support Intercepted by Fakecalls Mobile Banking Trojan

"Fakecalls, an Android banking malware, has a powerful feature that allows it to hijack calls to a bank’s customer service number and connect the target directly with the malware’s operators."

Link

TLP1 : Green

  • Luxury fashion house Zegna confirms August ransomware attack

"The Italian luxury fashion house Ermenegildo Zegna has confirmed an August 2021 ransomware attack that resulted in an extensive IT systems outage. The disclosure came in today's filing of an SEC Form 424B3 that updates their investment prospectus to alert investors of business disruption and data breach risks resulting from sophisticated cyberattacks."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation

"The maintainers of the NGINX web server project have issued mitigations to address security weaknesses in its Lightweight Directory Access Protocol (LDAP) Reference Implementation."

Link

TLP1 : Green

  • CISA warns orgs of WatchGuard bug exploited by Russian state hackers

"The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal civilian agencies and urged all US organizations on Monday to patch an actively exploited bug impacting WatchGuard Firebox and XTM firewall appliances."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Cyber defense: Prioritized by real-world threat data

"The impact of a cybersecurity breach can be painful for any enterprise, and devastating for some. Any one of the top five threats we see in today’s environment—malware, ransomware, web application hacking, insider and privilege misuse, and targeted intrusions—are serious and can cause severe, long-lasting financial and reputational damage."

Link

TLP1 : Green

  • More organizations are paying the ransom. Why?

"Most organizations (71%) have been hit by ransomware in 2021, and most of those (63%) opted for paying the requested ransom, the 2022 Cyberthreat Defense Report (CDR) by the CyberEdge Group has shown."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • TruffleHog v3: API key leak detection tool adds support for more than 600 types

"The newest version of TruffleHog has landed with support for more than 600 key types, furthering the tool’s ability to hunt for credential leaks."

Link

TLP1 : Green

  • Finding Attack Paths in Cloud Environments

"The mass adoption of cloud infrastructure is fully justified by innumerable advantages. As a result, today, organizations' most sensitive business applications, workloads, and data are in the cloud."

Link

TLP1 : Green

  • EvilSelenium - A Tool That Weaponizes Selenium To Attack Chromium Based Browsers

"EvilSelenium is a new project that weaponizes Selenium to abuse Chromium-based browsers."

Link

TLP1 : Green

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp