March 8, 2022

Fortify Security Team
Mar 8, 2022

Title: Access:7 Vulnerabilities Impact Medical and IoT Devices
Date Published: March 8, 2022

Excerpt: “A set of seven vulnerabilities collectively tracked as Access:7 have been found in PTC’s Axeda agent, a solution used for remote access and management of over 150 connected devices from more than 100 vendors. Three of the security issues received a severity score of at least 9.4 (critical) and could be exploited for remote code execution on devices running a vulnerable version of the Axeda agent.”

Title: Coinbase Blocked 25,000 Crypto Addresses Linked to Russian Individuals and Entities
Date Published: March 7, 2022

Excerpt: “The popular cryptocurrency exchange Coinbase announced today that it’s blocking access to more than 25,000 blockchain addresses linked to Russian people and entities. Coinbase chief legal officer Paul Grewal explained that its company is complying with sanctions imposed by governments around the world on individuals and territories in response to Russia’s invasion of Ukraine. The exchange is also using “sophisticated blockchain analytics” to identify accounts held by sanctioned individuals outside of Coinbase.”

Title: Novel Attack Turns Amazon Devices Against Themselves
Date Published: March 7, 2022

Excerpt: “Researchers from the University of London and the University of Catania have discovered how to weaponize Amazon Echo devices to hack themselves. The – dubbed “Alexa vs. Alexa” – leverages what the researchers called “a command self-issue vulnerability”: using pre-recorded messages which, when played over a 3rd– or 4th-generation Echo speaker, causes the speaker to perform actions on itself.

Title: Easily Exploitable Linux Bug Gives Root Access to Attackers (CVE-2022-0847)
Date Published: March 8, 2022

Excerpt: “An easily exploitable vulnerability (CVE-2022-0847) in the Linux kernel can be used by local unprivileged users to gain root privileges on vulnerable systems by taking advantage of already public exploits. Discovered by security researcher Max Kellermann, the flaw – which he dubbed Dirty Pipe, due to its similarity to the Dirty Cow flaw – has already been patched in the Linux kernel and the Android kernel. Affected Linux distributions are in the process of pushing out security updates with the patch.”

Title: White House Requests Billions in Tech Aid for Ukraine
Date Published: March 7, 2022

Excerpt: “As the ground war in Ukraine intensifies, U.S. and NATO officials are increasingly looking to sharpen their sanctions and rhetoric against Moscow, and cybersecurity has proven a pivotal part of the discussion. The Biden administration is now requesting $10 billion in emergency funds to address Russia’s campaign, with sizeable pots for cybersecurity. Officials say it will help curb the global impact of the Kremlin’s campaign.”

Title: Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code
Date Published: March 8, 2022

Excerpt: “Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees,” the electronics giant told Bloomberg.”

Title: Patched Vulnerability in Widely Used UPS Devices Allows Attackers to Control Power Backup System
Date Published: March 8, 2022

Excerpt: “Schneider Electric patched three vulnerabilities in its popular APC Smart-UPS line of power backup systems that could allow attackers to control if or how energy flows, or overheat the UPS to dangerous levels. Armis, who discovered the vulnerabilities, released a video demonstrating how to use modified firmware to turn the power on and off, remotely alter the waveform of and voltage of the electricity being supplied and overheat it to the point the UPS emits smoke.”

Title: FBI: Ransomware Gang Breached 52 US critical Infrastructure Orgs
Date Published: March 7, 2022

Excerpt: “The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors. This was revealed in a joint TLP:WHITE flash alert published on Monday in coordination with the Cybersecurity and Infrastructure Security Agency.”

Title: Ukraine’s CERT-UA Warns of Phishing Attacks Against Ukrainian Citizens
Date Published: March 8, 2022

Excerpt: “Ukraine’s Computer Emergency Response Team (CERT-UA) is warning of new phishing attacks targeting Ukrainian citizens through compromised email accounts belonging to three different Indian entities. The attacks were aimed at stealing sensitive information from compromised accounts. The malicious emails are sent by “muthuprakash.b@tvsrubber[.]com” and used the subject line “?????” (translates “Attention”) and claimed to be from a domestic email service called”

Title: Google: Russian Hackers Target Ukrainians, European Allies via Phishing Attacks
Date Published: March 8, 2022

Excerpt: “A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia’s invasion of Ukraine. Google’s Threat Analysis Group (TAG) said it took down two Blogspot domains that were used by the nation-state group FancyBear (aka APT28) – which is attributed to Russia’s GRU military intelligence – as a landing page for its social engineering attacks.”

Recent Posts

June 10, 2022

Title: Bizarre Ransomware Sells Decryptor on Roblox Game Pass Store Date Published: June 9, 2022 Excerpt: “A new ransomware is taking the unusual approach of...

June 9, 2022

Title: New Symbiote Malware Infects all Running Processes on Linux Systems Date Published: June 9, 2022 Excerpt: “A newly discovered Linux malware known...

June 8, 2022

Title: Surfshark, ExpressVPN pull out of India Over Data Retention Laws Date Published: June 7, 2022 Excerpt: “Surfshark announced today they are shutting down...

June 6, 2022

Title: Italian City of Palermo Shuts Down all Systems to Fend off Cyberattack Date Published: June 6, 2022 Excerpt: “The municipality of Palermo in...

June 3, 2022

Title: Critical Atlassian Confluence Zero-Day Actively Used in Attack Date Published: June 2, 2022 Excerpt: “Hackers are actively exploiting a new Atlassian...

June 2, 2022

Title: Conti Ransomware Targeted Intel Firmware for Stealthy Attacks Date Published: June 2, 2022 Excerpt: “Researchers analyzing the leaked chats of the...

June 1, 2022

Title: Ransomware Attacks Need Less Than Four Days to Encrypt Systems Date Published: June 1, 2022 Excerpt: “The duration of ransomware attacks in 2021...