March 9, 2022

Fortify Security Team

Title: APC UPS Zero-Day Bugs Can Remotely Burn Out Devices, Disable Power
Date Published: March 8, 2022

https://www.bleepingcomputer.com/news/security/apc-ups-zero-day-bugs-can-remotely-burn-out-devices-disable-power/

Excerpt: “A set of three critical zero-day vulnerabilities now tracked as TLStorm could let hackers take control of uninterruptible power supply (UPS) devices from APC, a subsidiary of Schneider Electric. The flaws affect APC Smart-UPS systems that are popular in a variety of activity sectors, including governmental, healthcare, industrial, IT, and retail.”

Title: Microsoft March 2022 Patch Tuesday Updates Fix 89 Vulnerabilities
Date Published: March 9, 2022

https://securityaffairs.co/wordpress/128834/security/microsoft-march-2022-patch-tuesday.html

Excerpt: “Microsoft March 2022 Patch Tuesday security updates address 89 vulnerabilities in multiple products, including Microsoft Windows components, Azure and Azure DevOps, Azure Sphere, Internet Explorer and Edge (EdgeHTML), Exchange Server, Office and Office Services and Web Apps, SharePoint Server, Visual Studio, and Windows Hyper-V.”

Title: Russian APTs Furiously Phish Ukraine – Google
Date Published: March 9, 2022

https://threatpost.com/russian-apts-phishing-ukraine-google/178819/

Excerpt: “While Russia is fighting a physical war on the ground against Ukraine, advanced persistent threat (APT) groups affiliated with or backing Vladimir Putin’s government are ramping up phishing and other attacks against Ukrainian and European targets in cyberspace, Google is warning.”

Title: Mid-Market Tackling High Rate of Costly Attacks, Worsened by Complex, Siloed Defenses and Staff Burnout
Date Published: March 9, 2022

https://www.helpnetsecurity.com/2022/03/09/mid-market-organizations-cyberattacks/

Excerpt: “Mid-market organizations in the UK suffered significant financial and operational damage as a result of cyberattacks in 2021, and want to see fundamental change to how cybersecurity is designed and run, a Censornet research reveals.”

Title: Reports: White House Set to Issue Executive Order on Crypto
Date Published: March 8, 2022

https://www.bankinfosecurity.com/reports-white-house-set-to-issue-executive-order-on-crypto-a-18680

Excerpt: “U.S. President Joe Biden is reportedly set to make an unprecedented move for the digital asset space – outlining a whole-of-government approach to reining in cryptocurrencies, which have long been chided for potentially lax cybersecurity and anti-fraud measures. According to media reports, the administration will announce an executive order on cryptocurrency as early as this week, in an effort to jump-start U.S. alignment with global allies on enforcement.”

Title: Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses
Date Published: March 9, 2022

https://thehackernews.com/2022/03/critical-rce-bugs-found-in-pascom-cloud.html

Excerpt: “Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System (CPS) that could be combined to achieve a full pre-authenticated remote code execution of affected systems. Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead to “an unauthenticated attacker gaining root on these devices.””

Title: Chinese Phishing Actors Consistently Targeting EU Diplomats
Date Published: March 9, 2022

https://www.bleepingcomputer.com/news/security/chinese-phishing-actors-consistently-targeting-eu-diplomats/

Excerpt: “The China-aligned group tracked as TA416 (aka Mustang Panda) has been consistently targeting European diplomats since August 2020, with the most recent activity involving refreshed lures to coincide with the Russian invasion of Ukraine. According to a new report by Proofpoint, TA416 spearheads cyber-espionage operations against the EU, consistently focusing on this long-term role without reaping opportunistic gains.”

Title: HP Addressed 16 UEFI Firmware Flaws Impacting Laptops, Desktops, PoS Systems
Date Published: March 9, 2022

https://securityaffairs.co/wordpress/128838/hacking/hp-uefi-firmware-flaws.html

Excerpt: “Researchers from cybersecurity firm Binarly discovered 16 high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. An attacker can exploit these vulnerabilities to implant a firmware that survives operating system updates and bypasses UEFI Secure Boot, Intel Boot Guard, and virtualization-based security.”

Title: Small Business Owners Worried About the Cybersecurity of their Commercial Vehicles
Date Published: March 9, 2022

https://www.helpnetsecurity.com/2022/03/09/electric-vehicles-charging-stations/

Excerpt: “Small business owners are adding electric vehicles to their service fleets, a survey released by HSB reports, but they worry about cybersecurity when connecting them to public charging stations. The poll conducted by Zogby Analytics found 15 percent of small and medium-size businesses had leased or purchased electric vehicles (EVs) for commercial use.”

Title: Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times
Date Published: March 9, 2022

https://thehackernews.com/2022/03/hackers-abuse-mitel-devices-to-amplify.html

Excerpt: “Threat actors have been observed abusing a high-impact reflection/amplification method to stage sustained distributed denial-of-service (DDoS) attacks for up to 14 hours with a record-breaking amplification ratio of 4,294,967,296 to 1. The attack vector – dubbed TP240PhoneHome (CVE-2022-26143) – has been weaponized to launch significant DDoS attacks targeting broadband access ISPs, financial institutions, logistics companies, gaming firms, and other organizations.”
