March 10, 2022

Fortify Security Team

Title: Nearly 30% of Critical WordPress Plugin Bugs Don’t Get a Patch

Date Published: March 9, 2022

https://www.bleepingcomputer.com/news/security/nearly-30-percent-of-critical-wordpress-plugin-bugs-dont-get-a-patch/

Excerpt: “Patchstack, a leader in WordPress security and threat intelligence, has released a whitepaper to present the state of WordPress security in 2021, and the report paints a dire picture. More specifically, 2021 has seen a growth of 150% in the reported vulnerabilities compared to the previous year, while 29% of the critical flaws in WordPress plugins never received a security update.”

Title: TLStorm Flaws Allow to Remotely Manipulate the Power of Millions of Enterprise UPS Devices

Date Published: March 10, 2022

https://securityaffairs.co/wordpress/128867/hacking/tlstorm-flaws-ups-devices.html

Excerpt: “Researchers from IoT security company Armis have discovered three high-impact security flaws, collectively tracked as TLStorm, affecting APC Smart-UPS devices. The flaws can allow remote attackers to manipulate the power of millions of enterprise devices carrying out extreme cyber-physical attacks.”

Title: APT41 Spies Broke Into 6 US State Networks via a Livestock App

Date Published: March 9, 2022

https://threatpost.com/apt41-spies-broke-into-6-us-state-networks-via-livestock-app/178838/

Excerpt: “USAHerds – an app used (PDF) by farmers to speed their response to diseases and other threats to their livestock – has itself become an infection vector, used to pry open at least six U.S. state networks by one of China’s most prolific state-sponsored espionage groups. In a report published by Mandiant on Tuesday, researchers described a prolonged incursion conducted by APT41. They detected the activity in May 2021 and tracked it through last month, February 2022, observing the spy group pry open vulnerable, internet-facing web apps that were often written in ASP.NET.”

Title: ITOps Teams are Getting Buried Beneath too Many Disparate Solutions for Endpoint Management

Date Published: March 10, 2022

https://www.helpnetsecurity.com/2022/03/10/keeping-endpoints-updated/

Excerpt: “Automox released the findings of a report which revealed that keeping endpoints continuously updated and secure has become even more challenging since the Automox 2021 report, and that organizations are continuing to struggle with the complexity of using multiple legacy tools to manage and secure today’s anywhere-everywhere work environment.”

Title: Former US Cyber Official Warns of Russian War Repercussions

Date Published: March 9, 2022

https://www.bankinfosecurity.com/former-us-cyber-official-warns-russian-war-repercussions-a-18687

Excerpt: “A former top U.S. cybersecurity official warns that the conflict in Ukraine will likely worsen before showing any signs of improvement, including potential cyber escalation with the U.S. and its NATO allies.”

Title: New Exploit Bypasses Existing Spectre-v2 Mitigations in Intel, AMD, Arm CPUs

Date Published: March 10, 2022

https://thehackernews.com/2022/03/new-exploit-bypasses-existing-spectre.html

Excerpt: “Researchers have disclosed a new technique that could be used to circumvent existing hardware mitigations in modern processors from Intel, AMD, and Arm and stage speculative execution attacks such as Spectre to leak sensitive information from host memory. Attacks like Spectre are designed to break the isolation between different applications by taking advantage of an optimization technique called speculative execution in CPU hardware implementations to trick programs into accessing arbitrary locations in memory and thus leak their secrets.”

Title: Finance Among Best-Prepared Sectors for Cyberattacks, but Falls Short in Other Areas

Date Published: March 10, 2022

https://www.scmagazine.com/analysis/training/finance-among-best-prepared-sectors-for-cyberattacks-but-falls-short-in-other-areas

Excerpt: “IT security professionals at financial institutions are better-prepared than their peers in many other industries, but they are still not performing as well as they should be when responding to cyberattacks, according to a report released Wednesday. Lack of speed in response to major hacks typically causes large enterprises overall to be ‘left exposed by a three-month gap in human cyber capabilities after threats break,’ according to a release announcing the findings of the inaugural ‘Cyber Workforce Benchmark’ report by Immersive Labs, which develops platforms to track and analyze the productivity of enterprise cyber professionals. (Log4j is an exception. Cybersecurity teams across the board were able to develop their cyber workers to respond within just two days to this recent pervasive threat.)”

Title: CISA Updates Conti Ransomware Alert with Nearly 100 Domain Names

Date Published: March 9, 2022

https://www.bleepingcomputer.com/news/security/cisa-updates-conti-ransomware-alert-with-nearly-100-domain-names/

Excerpt: “The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated the alert on Conti ransomware with indicators of compromise (IoCs) consisting of close to 100 domain names used in malicious operations. Originally published on September 22, 2021, the advisory includes details observed by CISA and the Federal Bureau of Investigation (FBI) in Conti ransomware attacks targeting organizations in the U.S. The updated cybersecurity advisory contains data from the U.S. Secret Service.”

Title: New Emotet Botnet is Rapidly Growing, with +130K Unique Bots Spread Across 179 Countries

Date Published: March 10, 2022

https://securityaffairs.co/wordpress/128879/breaking-news/emotet-botnet-rapidly-growing.html

Excerpt: “The Emotet botnet continues to grow and has infected approximately 130,000 hosts since its resurrection in November 2021. Early 2021, law enforcement and judicial authorities worldwide conducted a joint operation, named Operation Ladybird, which disrupted the EMOTET botnet. At the time the investigators have taken control of its infrastructure in an international coordinated action.”

Title: Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads

Date Published: March 10, 2022

https://threatpost.com/qakbot-botnet-sprouts-fangs-injects-malware-into-email-threads/178845/

Excerpt: “The Qakbot botnet is getting more dangerous, sinking its fangs into email threads and injecting malicious modules to pump up the core botnet’s powers. On Thursday, Sophos published a deep dive into the botnet, describing how researchers have recently seen it spreading through email thread hijacking – an attack in which malware operators malspam replies to ongoing email threads.”
