IT Security Newsletter - 3/11/2022
Malware disguised as security tool targets Ukraine's IT Army
A new malware campaign is taking advantage of people's willingness to support Ukraine's cyber warfare against Russia to infect them with password-stealing Trojans. Last month, the Ukrainian government announced a new IT Army composed of volunteers worldwide who conduct cyberattacks and DDoS attacks against Russian entities. This initiative has led to an outpouring of support by many people worldwide who have been helping target Russian organizations and sites, even if that activity is considered illegal. READ MORE...
Extradited Canadian accused of unleashing NetWalker ransomware
US prosecutors on Thursday said they have extradited a Canadian man to America to face charges that he conspired to distribute ransomware. Sébastien Vachon-Desjardins, 34, of Gatineau, Quebec, was detained by Canadian authorities on January 27, 2021. Upon executing a warrant to search his residence, officials found and seized more than 20TB of data including digital wallets containing 719 Bitcoin - worth about $28.5m presently - and $619,000 in cash, some of which was stored in bank safety deposit boxes. READ MORE...
Raccoon Stealer Crawls Into Telegram
A credential stealer that first rose to popularity a couple of years ago is now abusing Telegram for command-and-control (C2). A range of cybercriminals continue to widen its attack surface through creative distribution means like this, researchers have reported. Raccoon Stealer, which first appeared on the scene in April 2019, has added the ability to store and update its own actual C2 addresses on Telegram's infrastructure. READ MORE...
Russia creates its own TLS certificate authority to bypass sanctions
Russia has created its own trusted TLS certificate authority (CA) to solve website access problems that have been piling up after sanctions prevent certificate renewals. The sanctions imposed by western companies and governments are preventing Russian sites from renewing existing TLS certificates, causing browsers to block access to sites with expired certificates. READ MORE...
Shipping fraud quickly emerging as one of the top fraud types
The continuous growth of e-commerce could be behind a surge in shipping fraud, which is now the fastest growing type of digital fraud worldwide, according to a TransUnion report. There was an influx in shipping fraud in 2021, resulting in a 780.5% year-over-year (YoY) global increase. When compared to a two-year timeframe from 2019 to 2021, TransUnion data shows shipping fraud grew more than 1,500%. READ MORE...
Over 40% of Log4j Downloads Are Vulnerable Versions of the Software
Three months after the Apache Foundation disclosed the infamous Log4j vulnerability [CVE-2021-44228] and issued a fix for it, more than 4 in 10 downloads of the logging tool from the Maven Central Java package repository continue to be known vulnerable versions. A dashboard that Maven Central administrator Sonatype launched soon after news of the so-called Log4Shell flaw first surfaced shows that 41% of Log4j packages downloaded between Feb. 4 and March 10, 2022, are versions prior to Log4j 2.15.0. READ MORE...
- ...in 1818, author Mary Wollstonecraft Shelley publishes "Frankenstein; Or, The Modern Prometheus", widely considered to be the first work of science fiction.
- ...in 1985, Mikhail Gorbachev is elected as General Secretary of the Soviet Union, becoming the USSR's final head of state.
- ...in 1997, former Beatle Paul McCartney is officially knighted by Queen Elizabeth II.
- ...in 2020, the World Health Organization officially declares the COVID-19 outbreak as a pandemic.