Weekly Cybersecurity Recap March 18

  • By Patrick Ryan
  • Mar 18, 2022

Cyber-attacks might not seem as threatening as a conventional in-person attack at your business or other building, yet a digital infiltration has the potential to cause even more damage than a traditional break-in. Take a look at the cyber security daily newswire, and you'll find there is no shortage of online attacks. Businesses of all types and sizes are targeted daily.  

If your business has not yet been hit by a cyber-attack, it is only a matter of time until you are targeted. You can do your part to prepare for online attacks by adding the proper digital security protections. Without further ado, let's delve into the latest digital attacks from the third week of March.

Ubisoft Hack

Ubisoft, famous for its top-selling video games, has been hacked. The hack took down the game makers' online services, compromised internal systems, and halted game production. The attack even spurred Ubisoft employees to reset their passwords. 

The LAPSUS$ hacking collective is responsible for the Ubisoft attack. Though Ubisoft representatives insist customer information was not stolen, the company is still gauging the extent of the hack to determine what, exactly, was improperly accessed and stolen.

Software Package Manager Flaws

Digital security experts recently found popular software package managers can be compromised to operate code that provides access to sensitive information. Digital criminals employ arbitrary code to tap into source code as well as access tokens within vulnerable computers. If a targeted developer falls for a hacker's bait and loads the malicious files, the door for implementing harmful packages opens wide.  

Digital security professionals are concerned the command injection flaw within Composer has the potential to be abused to execute arbitrary code with a URL containing a harmful package that allows for next-stage payloads. The specific software manager packers that are most vulnerable include Bundler, Poetry, Yarn, Pip, and Pipenv.

APT Hacking Tools Reused by Russians

Russian digital miscreants appear to be reimplementing hacking tools originally developed by APT groups. The hackers are targeting gaming and gambling companies in Europe and Central America.   The attack focuses on the abuse of user credentials stolen to gain access to a company's network to implement Cobalt Strike payloads.The Russian hacking collective uses post-exploitation tools, including the likes of ADFind, LaZagne, NetScan, and Softperfect, to carry out the attack. The cybercriminals bypass digital protections with an AccountRestore executable to obtain access to targets' administrator credentials. The attack also includes Ligolo, a forked reverse tool that permits digital tunneling.

Racoon Stealer Compromises Telegram

The popular chat app Telegram has been breached by a Raccoon Stealer that steals login credentials. This digital theft sets the stage for generating new pathways for digital miscreants to implement malware. The threat zeroes in on C2 addresses in Telegram infrastructure. C2 is geek-speak for command-and-control.  

Though digital forensics specialists are uncertain which cybercriminals are behind the attack, it appears as though the attacks are levied by Russian hackers. The hackers are stealing user login credentials to conduct illegal activity within target systems, such as capturing browser form data, cookies, and email information. The attack also extends to capturing information from plugins, extensions, arbitrary files, crypto wallets, and more.
 

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank is in the news for the wrong reason. The bank recently publicized the fact that it discovered a digital breach.

Weekly Recap June 24 2022

Weekly Recap June 24 2022

We are nearly halfway through 2022. News stories detailing hacks and other digital breaches continue to roll in on a daily basis.

Cybercrime Related to Travel Soars at the Year’s Halfway Point

Cybercrime Related to Travel Soars at the Year’s Halfway Point

There has been a significant spike in tourism following the gradual decline of the coronavirus pandemic.  The increase in travel has caught the attention of digital miscreants looking to scam tourists as well as travel services providers.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.