Title: Hundreds of HP Printers Vulnerable to Remote Code Execution Flaws
Date Published: March 22, 2022
Excerpt: “HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models. The first security bulletin warns about a buffer overflow flaw that could lead to remote code execution on the affected machine. Tracked as CVE-2022-3942, the security issue was reported by Trend Micro’s Zero Day Initiative team.”
Title: Lapsus$ Extortion Gang Leaked the Source Code for Some Microsoft Projects
Date Published: March 22, 2022
https://securityaffairs.co/wordpress/129344/cyber-crime/lapsus-leak-37gb-microsoft-source-code.html
Excerpt: “Microsoft recently announced that it is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stole data. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps server and shared a screenshot of alleged internal source code repositories.”
Title: Browser-in-the-Browser Attack Makes Phishing Nearly Invisible
Date Published: March 21, 2022
https://threatpost.com/browser-in-the-browser-attack-makes-phishing-nearly-invisible/179014/
Excerpt: “We’ve had it beaten into our brains: Before you go willy-nilly clicking on a page, check the URL. First things first, the tried-and-usually-but-not-always-true advice goes, check that the site’s URL shows “https,” indicating that the site is secured with TLS/SSL encryption. If only it were that easy to avoid phishing sites. In reality, URL reliability hasn’t been absolute for a long time, given things like homograph attacks that swap in similar-looking characters in order to create new, identical-looking but malicious URLs, as well as DNS hijacking, in which Domain Name System (DNS) queries are subverted.”
Title: HEAT attacks: A New Class of Cyber Threats Organizations are Not Prepared For
Date Published: March 22, 2022
https://www.helpnetsecurity.com/2022/03/22/web-security-threats/
Excerpt: “Web malware (47%) and ransomware (42%) now top the list of security threats that organizations are most concerned about. Yet despite the growing risks, just 27% have advanced threat protection in place on every endpoint device that can access corporate applications and resources.”
Title: HubSpot Allegedly Hacked to Target Cryptocurrency Firms
Date Published: March 22, 2022
https://www.bankinfosecurity.com/hubspot-allegedly-hacked-to-target-cryptocurrency-firms-a-18768
Excerpt: “Content management software giant HubSpot released a statement Sunday saying that it had been the victim of a data breach on Friday, citing a compromised employee account as the entry point. Several cryptocurrency firms – BlockFi, Swan Bitcoin, Paxos and NYDIG, among others – have confirmed some customer data was leaked via HubSpot. The customer relationship management firm is a third-party vendor for the cryptocurrency companies, and the leak appears to be an attempt by a malicious actor to access users’ details.”
Title: U.S. Government Warns Companies of Potential Russian Cyberattacks
Date Published: March 22, 2022
https://thehackernews.com/2022/03/us-government-warns-companies-of.html
Excerpt: “The U.S. government on Monday once again cautioned of potential cyber attacks from Russia in retaliation for economic sanctions imposed by the west on the country following its military assault on Ukraine last month.”
Title: OpenSSL Vulnerability can ‘Definitely be Weaponized,’ NSA Cyber Director says
Date Published: March 22, 2022
Excerpt: “A cryptographic vulnerability in the Tonelli Shanks modular algorithm, which is used in popular cryptographic library OpenSSL, can lead to denial-of-service attacks and can “definitely be weaponized” in the current threat environment, according to an NSA official. The bug — discovered by two Google employees, security researcher Tavis Ormandy and software engineer David Benjamin, and being tracked under CVE-2022-0778 — affects the BN_mod_sqrt() function in OpenSSL, which is used to compute the modular square root and parses certificates that use elliptic curve public key encryption.”
Title: BitRAT malware now spreading as a Windows 10 license activator
Date Published: March 21, 2022
Excerpt: “A new BitRAT malware distribution campaign is underway, exploiting users looking to activate pirated Windows OS versions for free using unofficial Microsoft license activators. BitRAT is a powerful remote access trojan sold on cybercrime forums and dark web markets for as low as $20 (lifetime access) to any cybercriminal who wants it.”
Title: Serpent Backdoor Targets French Entities with High-Evasive Attack Chain
Date Published: March 22, 2022
https://securityaffairs.co/wordpress/129326/malware/serpent-backdoor-targets-french-orgs.html
Excerpt: “Proofpoint researchers uncovered a targeted attack leveraging an open-source package installer Chocolatey to deliver a backdoor tracked as Serpent. The campaign targeted French entities in the construction, real estate, and government industries. Experts believe the attacks were conducted by a sophisticated threat actor.”
Title: Facestealer Trojan Hidden in Google Play Plunders Facebook Accounts
Date Published: March 21, 2022
https://threatpost.com/facestealer-trojan-google-play-facebook/179015/
Excerpt: “A popular mobile app in the official Google Play store called “Craftsart Cartoon Photo Tools” has racked up more than 100,000 installs – but unfortunately for the app’s enthusiasts, it contains a version of the Facestealer Android malware.”