February 16, 2022

Fortify Security Team

Title: Google Almost Doubles Linux Kernel, Kubernetes Zero-Day Rewards
Date Published: February 15, 2022

https://www.bleepingcomputer.com/news/google/google-almost-doubles-linux-kernel-kubernetes-zero-day-rewards/

Excerpt: “Google says it bumped up rewards for reports of Linux Kernel, Kubernetes, Google Kubernetes Engine (GKE), or kCTF vulnerabilities by adding bigger bonuses for zero-day bugs and exploits using unique exploitation techniques. “We increased our rewards because we recognized that in order to attract the attention of the community we needed to match our rewards to their expectations,” Google Vulnerability Matchmaker Eduardo Vela explained. “We consider the expansion to have been a success, and because of that we would like to extend it even further to at least until the end of the year (2022).””

Title: VMware Fixes Flaws Demonstrated at Chinese Tianfu Cup Hacking Contest
Date Published: February 16, 2022

https://securityaffairs.co/wordpress/128063/security/vmware-fixes-flaws-demonstrated-at-chinese-tianfu-cup-hacking-contest.html

Excerpt: “VMware addressed several high-severity vulnerabilities that were demonstrated by Kunlun Lab team during China’s Tianfu Cup 2021 hacking contest. The vulnerabilities impact VMware ESXi, Workstation, and Fusion.”

Title: Emotet Now Spreading Through Malicious Excel Files
Date Published: February 16, 2022

https://threatpost.com/emotet-spreading-malicious-excel-files/178444/

Excerpt: “The infamous Emotet malware has switched tactics yet again, in an email campaign propagating through malicious Excel files, researchers have found. Researchers at Palo Alto Networks Unit 42 have observed a new infection approach for the high-volume malware, which is known to modify and change its attack vectors to avoid detection so it can continue to do its nefarious work, they wrote in a report published online Tuesday.”

Title: Traditional MFA is Creating a False Sense of Security
Date Published: February 16, 2022

https://www.helpnetsecurity.com/2022/02/16/insufficient-mfa-methods/

Excerpt: “A report from HYPR and Cybersecurity Insiders reveals that despite the zero trust initiative, many organizations are still highly exposed to credential attacks due to insufficient multi-factor authentication (MFA) methods and overall lack of urgency after potential exposure. In fact, 64% of those hacked did not enhance or improve their authentication controls following the attack.”

Title: BlockFi to Pay SEC, State Regulators $100M in Penalties
Date Published: February 15, 2022

https://www.bankinfosecurity.com/blockfi-to-pay-sec-state-regulators-100m-in-penalties-a-18514

Excerpt: “The U.S. Securities and Exchange Commission has confirmed that BlockFi, a cryptocurrency lending platform based in Jersey City, N.J., has been charged with failing to register its lending product and violating registration provisions. To settle the SEC’s charges, it will pay a $50 million penalty, cease unregistered offers and sales of the product, and comply with the law within 60 days. In parallel actions announced on Monday, the platform agreed to pay an additional $50 million in fines to 32 states to settle similar charges. And according to SEC officials, BlockFi will also register a new crypto lending product.”

Title: EU Data Protection Watchdog Calls for Ban on Pegasus-like Commercial Spyware
Date Published: February 16, 2022

https://thehackernews.com/2022/02/eu-data-protection-watchdog-calls-for.html

Excerpt: “The European Union’s data protection authority on Tuesday called for a ban on the development and the use of Pegasus-like commercial spyware in the region, calling out the technology’s “unprecedented level of intrusiveness” that could endanger users’ right to privacy. “Pegasus constitutes a paradigm shift in terms of access to private communications and devices, which is able to affect the very essence of our fundamental rights, in particular the right to privacy,” the European Data Protection Supervisor (EDPS) said in its preliminary remarks. “This fact makes its use incompatible with our democratic values.””

Title: Forcing ‘gotcha’ Security Adherence can Backfire, Leaving Financial Organization Even More Vulnerable
Date Published: February 16, 2022

https://www.scmagazine.com/analysis/training/forcing-gotcha-security-adherence-can-backfire-focus-on-teamwork-instead-experts-say

Excerpt: “You can lead a person to security awareness, but you can’t make them think. With an ever-growing expectation of convenience outpacing their security concerns, financial customers and employees may never achieve what cyber-wonks would like to see in terms of how people protect themselves, their firm and data in general.”

Title: CISA Added 9 New Flaws to the Known Exploited Vulnerabilities Catalog, Including Magento and Chrome Bugs
Date Published: February 16, 2022

https://securityaffairs.co/wordpress/128070/hacking/known-exploited-vulnerabilities-catalog-chrome-magento.html

Excerpt: “US Cybersecurity and Infrastructure Security Agency (CISA) added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including two recently patched zero-day issues affecting Adobe Commerce/Magento Open Source and Google Chrome. CISA orders all Federal Civilian Executive Branch Agencies (FCEB) agencies to address both security vulnerabilities by March 1st, 2022. The ‘Known Exploited Vulnerabilities Catalog’ is a list of known vulnerabilities that threat actors have abused in attacks and that are required to be addressed by Federal Civilian Executive Branch (FCEB) agencies.”

Title: Fraud and Scam Activity Hits All-Time High
Date Published: February 16, 2022

https://www.helpnetsecurity.com/2022/02/16/fraud-activity-level/

Excerpt: “Bolster published a report which shows an unprecedented level of fraud activity, spurred by the continuing growth of digital commerce, leading to an explosion of companies’ external attack surfaces. Using data gathered from analyzing more than one billion sites, the 2022 State of Phishing and Online Fraud Report highlights the trends that drove digital scams in 2021. In this, the company’s third year of tracking phishing and scam data, we can see with no uncertainty how the pandemic has impacted, and in fact accelerated, digital adoption and, as a result, cyber fraud.”

Title: Trickbot Malware Targeted Customers of 60 High-Profile Companies Since 2020
Date Published: February 16, 2022

https://thehackernews.com/2022/02/trickbot-malware-targeted-customers-of.html

Excerpt: “The notorious TrickBot malware is targeting customers of 60 financial and technology companies, including cryptocurrency firms, primarily located in the U.S., even as its operators have updated the botnet with new anti-analysis features. “TrickBot is a sophisticated and versatile malware with more than 20 modules that can be downloaded and executed on demand,” Check Point researchers Aliaksandr Trafimchuk and Raman Ladutska said in a report published today.”
