February 18, 2022

Fortify Security Team
Title: Malicious Emails Can Crash Cisco Email Security Appliances
Date Published: February 17, 2022

https://www.securityweek.com/malicious-emails-can-crash-cisco-email-security-appliances

Excerpt: “Cisco this week informed customers that its Email Security Appliance (ESA) product is affected by a high-severity denial of service (DoS) vulnerability that can be exploited using specially crafted emails.

The flaw, tracked as CVE-2022-20653, affects the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for ESA. It can be exploited remotely without authentication.”

Title: DoJ Announces New Cyber Initiatives, Including New Cryptocurrency Unit
Date Published: February 17, 2022

https://www.scmagazine.com/analysis/cryptocurrency/doj-announces-new-cyber-initiatives-including-new-cryptocurrency-group?mkt_tok=MTg4LVVOWi02NjAAAAGCq3Z0ajxOopF5DTrk7cQCyl8TVxnj04blxnzkWI0IMWlYkoy-0tn72swgF2OHiy_Ig0wfjT4asbC7iasIoUgf-TR5tQIGCGNsR7H2Wg

Excerpt: “Deputy Attorney General Lisa Monaco announced a series of new Department of Justice cybercrime initiatives Thursday at the Munich Cyber Security Conference, including a new, centralized FBI unit to combat cryptocurrency-dependent crime.”

Title: Microsoft Teams Targeted With Takeover Trojans
Date Published: February 17, 2022

https://threatpost.com/microsoft-teams-targeted-takeover-trojans/178497/

Excerpt: “Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found.”

Title: MFA Fatigue Attacks: Users Tricked Into Allowing Device Access Due to Overload of Push Notifications
Date Published: February 16, 2022

https://portswigger.net/daily-swig/mfa-fatigue-attacks-users-tricked-into-allowing-device-access-due-to-overload-of-push-notifications

Excerpt: “Malicious hackers are targeting Office 365 users with a spate of ‘MFA fatigue attacks’, bombarding victims with 2FA push notifications to trick them into authenticating their login attempts.”

Title: Global Hybrid Warfare Introduces Cyber Threats to Companies Amid the Russia-Ukraine Crisis
Date Published: February 17, 2022

https://www.securitymagazine.com/articles/97103-global-hybrid-warfare-introduces-cyber-threats-to-companies-amid-the-russia-ukraine-crisis

Excerpt: “Rhetoric from leaders around the world has signaled that it is no longer a question of if Russia will invade Ukraine, but when and how. Geopolitical tensions are palpably high, which has introduced the potential for a longtime cold war between the U.S. and Russia (and their respective allies) to turn hot.”

Title: Stop Vaping: Major e-Cigarette Store Hacked to Steal Credit Cards
Date Published: February 18, 2022

https://www.bleepingcomputer.com/news/security/stop-vaping-major-e-cigarette-store-hacked-to-steal-credit-cards/

Excerpt: “BleepingComputer has confirmed Element Vape, a prominent online seller of e-cigarettes and vaping kits is serving a credit card skimmer on its live site, likely after getting hacked.”

Title: Aviation Attacks Tied To Single APT – TA2541
Date Published: February 17, 2022

https://www.bankinfosecurity.com/aviation-attacks-tied-to-single-apt-ta2541-a-18536

Excerpt: “Cyberattacks in the aviation sector over the past several years have been tied to a single advanced persistent threat group named TA2541, which – since at least 2017 – has used more than a dozen remote access Trojans to control compromised machines, according to a report from cybersecurity firm Proofpoint.”

Title: NSA Issues Guidance for Selecting Strong Cisco Password Types
Date Published: February 17, 2022

https://www.darkreading.com/vulnerabilities-threats/nsa-issues-guidance-for-selecting-strong-cisco-password-types

Excerpt: “The US National Security Agency (NSA) has issued fresh guidance for organizations on selecting strong passwords for Cisco devices, citing an increase in the number of compromises involving poorly protected network infrastructure.”

Title: Severe WordPress Plug-In UpdraftPlus Bug Threatens Backups
Date Published: February 18, 2022

https://threatpost.com/severe-wordpress-plug-in-updraftplus-bug-threatens-backups/178528/

Excerpt: “The WordPress plug-in “UpdraftPlus” was patched on Wednesday to correct a vulnerability that left sensitive backups at risk, potentially exposing personal information and authentication data.

UpdraftPlus is a tool for creating, restoring and migrating backups for WordPress files, databases, plug-ins and themes. According to its website, UpdraftPlus is used by more than three million WordPress websites, including those from organizations like Microsoft, Cisco and NASA.”

Title: Iranian Hackers Targeting VMware Horizon Log4j Flaws to Deploy Ransomware
Date Published: February 17, 2022

https://thehackernews.com/2022/02/iranian-hackers-targeting-vmware.html

Excerpt: “A “potentially destructive actor” aligned with the government of Iran is actively exploiting the well-known Log4j vulnerability to infect unpatched VMware Horizon servers with ransomware.

Cybersecurity firm SentinelOne dubbed the group “TunnelVision” owing to their heavy reliance on tunneling tools, with overlaps in tactics observed to that of a broader group tracked under the moniker Phosphorus as well as Charming Kitten and Nemesis Kitten.”
