March 10, 2022

Fortify Security Team

Title: Nearly 30% of Critical WordPress Plugin Bugs Don’t Get a Patch

Date Published: March 9, 2022

Excerpt: “Patchstack, a leader in WordPress security and threat intelligence, has released a whitepaper to present the state of WordPress security in 2021, and the report paints a dire picture. More specifically, 2021 has seen a growth of 150% in the reported vulnerabilities compared to the previous year, while 29% of the critical flaws in WordPress plugins never received a security update.”

Title: TLStorm Flaws Allow to Remotely Manipulate the Power of Millions of Enterprise UPS Devices

Date Published: March 10, 2022

Excerpt: “Researchers from IoT security company Armis have discovered three high-impact security flaws, collectively tracked as TLStorm, affecting APC Smart-UPS devices. The flaws can allow remote attackers to manipulate the power of millions of enterprise devices carrying out extreme cyber-physical attacks.”

Title: APT41 Spies Broke Into 6 US State Networks via a Livestock App

Date Published: March 9, 2022

Excerpt: “USAHerds – an app used (PDF) by farmers to speed their response to diseases and other threats to their livestock – has itself become an infection vector, used to pry open at least six U.S. state networks by one of China’s most prolific state-sponsored espionage groups. In a report published by Mandiant on Tuesday, researchers described a prolonged incursion conducted by APT41. They detected the activity in May 2021 and tracked it through last month, February 2022, observing the spy group pry open vulnerable, internet-facing web apps that were often written in ASP.NET.”

Title: ITOps Teams are Getting Buried Beneath too Many Disparate Solutions for Endpoint Management

Date Published: March 10, 2022

Excerpt: “Automox released the findings of a report which revealed that keeping endpoints continuously updated and secure has become even more challenging since the Automox 2021 report, and that organizations are continuing to struggle with the complexity of using multiple legacy tools to manage and secure today’s anywhere-everywhere work environment.”

Title: Former US Cyber Official Warns of Russian War Repercussions

Date Published: March 9, 2022

Excerpt: “A former top U.S. cybersecurity official warns that the conflict in Ukraine will likely worsen before showing any signs of improvement, including potential cyber escalation with the U.S. and its NATO allies.”

Title: New Exploit Bypasses Existing Spectre-v2 Mitigations in Intel, AMD, Arm CPUs

Date Published: March 10, 2022

Excerpt: “Researchers have disclosed a new technique that could be used to circumvent existing hardware mitigations in modern processors from Intel, AMD, and Arm and stage speculative execution attacks such as Spectre to leak sensitive information from host memory. Attacks like Spectre are designed to break the isolation between different applications by taking advantage of an optimization technique called speculative execution in CPU hardware implementations to trick programs into accessing arbitrary locations in memory and thus leak their secrets.”

Title: Finance Among Best-Prepared Sectors for Cyberattacks, but Falls Short in Other Areas

Date Published: March 10, 2022

Excerpt: “IT security professionals at financial institutions are better-prepared than their peers in many other industries, but they are still not performing as well as they should be when responding to cyberattacks, according to a report released Wednesday. Lack of speed in response to major hacks typically causes large enterprises overall to be “left exposed by a three-month gap in human cyber capabilities after threats break,” according to a release announcing the findings of the inaugural “Cyber Workforce Benchmark” report by Immersive Labs, which develops platforms to track and analyze the productivity of enterprise cyber professionals. (Log4j is an exception. Cybersecurity teams across the board were able to develop their cyber workers to respond within just two days to this recent pervasive threat.)”

Title: CISA Updates Conti Ransomware Alert with Nearly 100 Domain Names

Date Published: March 9, 2022

Excerpt: “The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated the alert on Conti ransomware with indicators of compromise (IoCs) consisting of close to 100 domain names used in malicious operations. Originally published on September 22, 2021, the advisory includes details observed by CISA and the Federal Bureau of Investigation (FBI) in Conti ransomware attacks targeting organizations in the U.S. The updated cybersecurity advisory contains data from the U.S. Secret Service.”

Title: New Emotet Botnet is Rapidly Growing, with +130K Unique Bots Spread Across 179 Countries

Date Published: March 10, 2022

Excerpt: “The Emotet botnet continues to grow and has infected approximately 130,000 hosts since its resurrection in November 2021. Early 2021, law enforcement and judicial authorities worldwide conducted a joint operation, named Operation Ladybird, which disrupted the EMOTET botnet. At the time the investigators have taken control of its infrastructure in an international coordinated action.”

Title: Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads

Date Published: March 10, 2022

Excerpt: “The Qakbot botnet is getting more dangerous, sinking its fangs into email threads and injecting malicious modules to pump up the core botnet’s powers. On Thursday, Sophos published a deep dive into the botnet, describing how researchers have recently seen it spreading through email thread hijacking – an attack in which malware operators malspam replies to ongoing email threads.”
