February 16, 2022

Fortify Security Team
Feb 16, 2022

Title: Google Almost Doubles Linux Kernel, Kubernetes Zero-Day Rewards
Date Published: February 15, 2022


Excerpt: “Google says it bumped up rewards for reports of Linux Kernel, Kubernetes, Google Kubernetes Engine (GKE), or kCTF vulnerabilities by adding bigger bonuses for zero-day bugs and exploits using unique exploitation techniques. “We increased our rewards because we recognized that in order to attract the attention of the community we needed to match our rewards to their expectations,” Google Vulnerability Matchmaker Eduardo Vela explained. “We consider the expansion to have been a success, and because of that we would like to extend it even further to at least until the end of the year (2022).””

Title: VMware Fixes Flaws Demonstrated at Chinese Tianfu Cup Hacking Contest
Date Published: February 16, 2022


Excerpt: “VMware addressed several high-severity vulnerabilities that were demonstrated by Kunlun Lab team during China’s Tianfu Cup 2021 hacking contest. The vulnerabilities impact VMware ESXi, Workstation, and Fusion.”

Title: Emotet Now Spreading Through Malicious Excel Files
Date Published: February 16, 2022


Excerpt: “The infamous Emotet malware has switched tactics yet again, in an email campaign propagating through malicious Excel files, researchers have found. Researchers at Palo Alto Networks Unit 42 have observed a new infection approach for the high-volume malware, which is known to modify and change its attack vectors to avoid detection so it can continue to do its nefarious work, they wrote in a report published online Tuesday.”

Title: Traditional MFA is Creating a False Sense of Security
Date Published: February 16, 2022


Excerpt: “A report from HYPR and Cybersecurity Insiders, reveals that despite the zero trust initiative, many organizations are still highly exposed to credential attacks due to insufficient multi-factor authentication (MFA) methods and overall lack of urgency after potential exposure. In fact, 64% of those hacked did not enhance or improve their authentication controls following the attack.”

Title: BlockFi to Pay SEC, State Regulators $100M in Penalties
Date Published: February 15, 2022


Excerpt: “The U.S. Securities and Exchange Commission has confirmed that BlockFi, a cryptocurrency lending platform based in Jersey City, N.J., has been charged with failing to register its lending product and violating registration provisions. To settle the SEC’s charges, it will pay a $50 million penalty, cease unregistered offers and sales of the product, and comply with the law within 60 days. In parallel actions announced on Monday, the platform agreed to pay an additional $50 million in fines to 32 states to settle similar charges. And according to SEC officials, BlockFi will also register a new crypto lending product.”

Title: EU Data Protection Watchdog Calls for Ban on Pegasus-like Commercial Spyware
Date Published: February 16, 2022


Excerpt: “The European Union’s data protection authority on Tuesday called for a ban on the development and the use of Pegasus-like commercial spyware in the region, calling out the technology’s “unprecedented level of intrusiveness” that could endanger users’ right to privacy. “Pegasus constitutes a paradigm shift in terms of access to private communications and devices, which is able to affect the very essence of our fundamental rights, in particular the right to privacy,” the European Data Protection Supervisor (EDPS) said in its preliminary remarks. “This fact makes its use incompatible with our democratic values.””

Title: Forcing ‘gotcha’ Security Adherence can Backfire, Leaving Financial Organization Even More Vulnerable
Date Published: February 16, 2022


Excerpt: “You can lead a person to security awareness, but you can’t make them think. With an ever-growing expectation of convenience outpacing their security concerns, financial customers and employees may never achieve what cyber-wonks would like to see in terms of how people protect themselves, their firm and data in general.”

Title: CISA Added 9 New Flaws to the Known Exploited Vulnerabilities Catalog, Including Magento and Chrome Bugs
Date Published: February 16, 2022


Excerpt: “US Cybersecurity and Infrastructure Security Agency (CISA) added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including two recently patched zero-day issues affecting Adobe Commerce/Magento Open Source and Google Chrome. CISA orders all Federal Civilian Executive Branch Agencies (FCEB) agencies to address both security vulnerabilities by March 1st, 2022. The ‘Known Exploited Vulnerabilities Catalog’ is a list of known vulnerabilities that threat actors have abused in attacks and that are required to be addressed by Federal Civilian Executive Branch (FCEB) agencies.”

Title: Fraud and Scam Activity Hits All-Time High
Date Published: February 16, 2022


Excerpt: “Bolster published a report which shows an unprecedented level of fraud activity, spurred by the continuing growth of digital commerce, leading to an explosion of companies’ external attack surfaces. Using data gathered from analyzing more than one billion sites, the 2022 State of Phishing and Online Fraud Report highlights the trends that drove digital scams in 2021. In this, the company’s third year of tracking phishing and scam data, we can see with no uncertainty how the pandemic has impacted, and in fact accelerated, digital adoption and, as a result, cyber fraud.”

Title: Trickbot Malware Targeted Customers of 60 High-Profile Companies Since 2020
Date Published: February 16, 2022


Excerpt: “The notorious TrickBot malware is targeting customers of 60 financial and technology companies, including cryptocurrency firms, primarily located in the U.S., even as its operators have updated the botnet with new anti-analysis features. “TrickBot is a sophisticated and versatile malware with more than 20 modules that can be downloaded and executed on demand,” Check Point researchers Aliaksandr Trafimchuk and Raman Ladutska said in a report published today.”
