February 16, 2022

Fortify Security Team

Title: Google Almost Doubles Linux Kernel, Kubernetes Zero-Day Rewards
Date Published: February 15, 2022

https://www.bleepingcomputer.com/news/google/google-almost-doubles-linux-kernel-kubernetes-zero-day-rewards/

Excerpt: “Google says it bumped up rewards for reports of Linux Kernel, Kubernetes, Google Kubernetes Engine (GKE), or kCTF vulnerabilities by adding bigger bonuses for zero-day bugs and exploits using unique exploitation techniques. “We increased our rewards because we recognized that in order to attract the attention of the community we needed to match our rewards to their expectations,” Google Vulnerability Matchmaker Eduardo Vela explained. “We consider the expansion to have been a success, and because of that we would like to extend it even further to at least until the end of the year (2022).””

Title: VMware Fixes Flaws Demonstrated at Chinese Tianfu Cup Hacking Contest
Date Published: February 16, 2022

https://securityaffairs.co/wordpress/128063/security/vmware-fixes-flaws-demonstrated-at-chinese-tianfu-cup-hacking-contest.html

Excerpt: “VMware addressed several high-severity vulnerabilities that were demonstrated by Kunlun Lab team during China’s Tianfu Cup 2021 hacking contest. The vulnerabilities impact VMware ESXi, Workstation, and Fusion.”

Title: Emotet Now Spreading Through Malicious Excel Files
Date Published: February 16, 2022

https://threatpost.com/emotet-spreading-malicious-excel-files/178444/

Excerpt: “The infamous Emotet malware has switched tactics yet again, in an email campaign propagating through malicious Excel files, researchers have found. Researchers at Palo Alto Networks Unit 42 have observed a new infection approach for the high-volume malware, which is known to modify and change its attack vectors to avoid detection so it can continue to do its nefarious work, they wrote in a report published online Tuesday.”

Title: Traditional MFA is Creating a False Sense of Security
Date Published: February 16, 2022

https://www.helpnetsecurity.com/2022/02/16/insufficient-mfa-methods/

Excerpt: “A report from HYPR and Cybersecurity Insiders, reveals that despite the zero trust initiative, many organizations are still highly exposed to credential attacks due to insufficient multi-factor authentication (MFA) methods and overall lack of urgency after potential exposure. In fact, 64% of those hacked did not enhance or improve their authentication controls following the attack.”

Title: BlockFi to Pay SEC, State Regulators $100M in Penalties
Date Published: February 15, 2022

https://www.bankinfosecurity.com/blockfi-to-pay-sec-state-regulators-100m-in-penalties-a-18514

Excerpt: “The U.S. Securities and Exchange Commission has confirmed that BlockFi, a cryptocurrency lending platform based in Jersey City, N.J., has been charged with failing to register its lending product and violating registration provisions. To settle the SEC’s charges, it will pay a $50 million penalty, cease unregistered offers and sales of the product, and comply with the law within 60 days. In parallel actions announced on Monday, the platform agreed to pay an additional $50 million in fines to 32 states to settle similar charges. And according to SEC officials, BlockFi will also register a new crypto lending product.”

Title: EU Data Protection Watchdog Calls for Ban on Pegasus-like Commercial Spyware
Date Published: February 16, 2022

https://thehackernews.com/2022/02/eu-data-protection-watchdog-calls-for.html

Excerpt: “The European Union’s data protection authority on Tuesday called for a ban on the development and the use of Pegasus-like commercial spyware in the region, calling out the technology’s “unprecedented level of intrusiveness” that could endanger users’ right to privacy. “Pegasus constitutes a paradigm shift in terms of access to private communications and devices, which is able to affect the very essence of our fundamental rights, in particular the right to privacy,” the European Data Protection Supervisor (EDPS) said in its preliminary remarks. “This fact makes its use incompatible with our democratic values.””

Title: Forcing ‘gotcha’ Security Adherence can Backfire, Leaving Financial Organization Even More Vulnerable
Date Published: February 16, 2022

https://www.scmagazine.com/analysis/training/forcing-gotcha-security-adherence-can-backfire-focus-on-teamwork-instead-experts-say

Excerpt: “You can lead a person to security awareness, but you can’t make them think. With an ever-growing expectation of convenience outpacing their security concerns, financial customers and employees may never achieve what cyber-wonks would like to see in terms of how people protect themselves, their firm and data in general.”

Title: CISA Added 9 New Flaws to the Known Exploited Vulnerabilities Catalog, Including Magento and Chrome Bugs
Date Published: February 16, 2022

https://securityaffairs.co/wordpress/128070/hacking/known-exploited-vulnerabilities-catalog-chrome-magento.html

Excerpt: “US Cybersecurity and Infrastructure Security Agency (CISA) added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including two recently patched zero-day issues affecting Adobe Commerce/Magento Open Source and Google Chrome. CISA orders all Federal Civilian Executive Branch Agencies (FCEB) agencies to address both security vulnerabilities by March 1st, 2022. The ‘Known Exploited Vulnerabilities Catalog’ is a list of known vulnerabilities that threat actors have abused in attacks and that are required to be addressed by Federal Civilian Executive Branch (FCEB) agencies.”

Title: Fraud and Scam Activity Hits All-Time High
Date Published: February 16, 2022

https://www.helpnetsecurity.com/2022/02/16/fraud-activity-level/

Excerpt: “Bolster published a report which shows an unprecedented level of fraud activity, spurred by the continuing growth of digital commerce, leading to an explosion of companies’ external attack surfaces. Using data gathered from analyzing more than one billion sites, the 2022 State of Phishing and Online Fraud Report highlights the trends that drove digital scams in 2021. In this, the company’s third year of tracking phishing and scam data, we can see with no uncertainty how the pandemic has impacted, and in fact accelerated, digital adoption and, as a result, cyber fraud.”

Title: Trickbot Malware Targeted Customers of 60 High-Profile Companies Since 2020
Date Published: February 16, 2022

https://thehackernews.com/2022/02/trickbot-malware-targeted-customers-of.html

Excerpt: “The notorious TrickBot malware is targeting customers of 60 financial and technology companies, including cryptocurrency firms, primarily located in the U.S., even as its operators have updated the botnet with new anti-analysis features. “TrickBot is a sophisticated and versatile malware with more than 20 modules that can be downloaded and executed on demand,” Check Point researchers Aliaksandr Trafimchuk and Raman Ladutska said in a report published today.”
