April 1, 2022

Fortify Security Team

Title: EU Draft Law Adds Security Checks to all Crypto Transactions

Date Published: April 1, 2022

https://www.bleepingcomputer.com/news/legal/eu-draft-law-adds-security-checks-to-all-crypto-transactions/

Excerpt: “The European Parliament has taken the first steps for new legislation against money-laundering that covers cryptocurrency transactions, which are an important part of illicit activities today. Members of the European Parliament from the Committee on Economic and Monetary Affairs (ECON) and the Committee on Civil Liberties (LIBE) have agreed on adopting (with 93 votes in favor, 14 against, and 14 abstentions) draft legislation for more transparent crypto asset transactions.”

Title: AcidRain, a Wiper that Crippled Routers and Modems in Europe

Date Published: April 1, 2022

https://securityaffairs.co/wordpress/129703/malware/acidrain-wiper-ukraine.html

Excerpt: “Security researchers at SentinelLabs have spotted a previously undetected destructive wiper, tracked as AcidRain, that hit routers and modems and that was suspected to be linked to the Viasat KA-SAT attack that took place on February 24th, 2022.”

Title: Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks

Date Published: March 31, 2022

https://threatpost.com/belarusian-ghostwriter-actor-picks-up-bitb-for-ukraine-related-attacks/179210/

Excerpt: “Ghostwriter – a threat actor previously linked with the Belarusian Ministry of Defense – has glommed onto the recently disclosed, nearly invisible “Browser-in-the-Browser” (BitB) credential-phishing technique in order to continue its ongoing exploitation of the war in Ukraine.”

Title: Spring4Shell: No need to Panic, but Mitigations are Advised

Date Published: March 31, 2022

https://www.helpnetsecurity.com/2022/03/31/spring4shell/

Excerpt: “Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively popular framework for building modern Java-based enterprise applications, began circulating online.”

Title: Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Date Published: March 31, 2022

https://krebsonsecurity.com/2022/03/fake-emergency-search-warrants-draw-scrutiny-from-capitol-hill/

Excerpt: “On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes.”

Title: Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code

Date Published: April 1, 2022

https://thehackernews.com/2022/04/critical-bugs-in-rockwell-plc-could.html

Excerpt: “Two new security vulnerabilities have been disclosed in Rockwell Automation’s programmable logic controllers (PLCs) and engineering workstation software that could be exploited by an attacker to inject malicious code on affected systems and stealthily modify automation processes. The flaws have the potential to disrupt industrial operations and cause physical damage to factories in a manner similar to that of Stuxnet and the Rogue7 attacks, operational technology security company Claroty said.”

Title: Microsoft adds Windows 11 Upgrade Block due to IE11 Known Issue

Date Published: April 1, 2022

https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-windows-11-upgrade-block-due-to-ie11-known-issue/

Excerpt: “Microsoft has added a new safeguard hold blocking Windows 11 upgrades for Windows 10 customers who don’t import their Internet Explorer 11 (IE11) data into Microsoft Edge before trying to install the newest Windows version. “After upgrading to Windows 11, saved information and data from Internet Explorer 11 (IE11) might not be accessible if you did not accept to import it into Microsoft Edge before the upgrade,” Microsoft explained in the Windows health dashboard.”

Title: Zyxel Fixes a Critical Bug in its Business Firewall and VPN Devices

Date Published: April 1, 2022

https://securityaffairs.co/wordpress/129689/security/zyxel-firewalls-authentication-bypass.html

Excerpt: “Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. The vulnerability can be exploited to take control of the devices.”

Title: Apple Rushes Out Patches for 0-Days in MacOS, iOS

Date Published: April 1, 2022

https://threatpost.com/apple-rushes-out-patches-0-days-macos-ios/179222/

Excerpt: “Apple rushed out patches for two zero-days affecting macOS and iOS Thursday, both of which are likely under active exploitation and could allow a threat actor to disrupt or access kernel activity. Apple released separate security updates for the bugs – a vulnerability affecting both macOS and iOS tracked as CVE-2022-22675 and a macOS flaw tracked as CVE-2022-22674. Their discovery was attributed to an anonymous researcher.”

Title: North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims’ Crypto

Date Published: April 1, 2022

https://thehackernews.com/2022/04/north-korean-hackers-distributing.html

Excerpt: “The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance (DeFi) wallet app to distribute a fully-featured backdoor onto compromised Windows systems.”
