April 13, 2022

Fortify Security Team

Title: Ethereum Dev Imprisoned for Helping North Korea Evade Sanctions
Date Published: April 12, 2022

https://www.bleepingcomputer.com/news/security/ethereum-dev-imprisoned-for-helping-north-korea-evade-sanctions/

Excerpt: “Virgil Griffith, a US cryptocurrency expert, was sentenced on Tuesday to 63 months in prison after pleading guilty to assisting the Democratic People’s Republic of Korea (DPRK) with technical info on how to evade sanctions. The sanctions imposed by the International Emergency Economic Powers Act (IEEPA) and Executive Order 13466 forbid the export of any goods, services, or technology to the DPRK without a Department of the Treasury license issued by the Office of Foreign Assets Control (OFAC).”

Title: JekyllBot:5 Flaws Allow Hacking TUG Autonomous Mobile Robots in Hospitals
Date Published: April 13, 2022

https://securityaffairs.co/wordpress/130157/security/jekyllbot5-flaws-tug-autonomous-mobile-robots.html

Excerpt: “Researchers at healthcare IoT security firm Cynerio discovered a collection of five vulnerabilities impacting TUG autonomous mobile robots, collectively named JekyllBot:5, that could be exploited by remote attackers to hack the devices. According to a US CISA advisory, the successful exploitation of these flaws could cause a denial-of-service condition, allow full control of robot functions, or expose sensitive information.”

Title: Menswear Brand Zegna Reveals Ransomware Attack
Date Published: April 12, 2022

https://threatpost.com/menswear-zegna-ransomware/179266/

Excerpt: “High-end Italian fashion house Ermenegildo Zegna revealed on Monday that it was the target of a ransomware attack last August — and that it managed to recover its systems from back-up without paying a ransom. The Milan-based firm already had revealed on Aug. 6, 2021, that it became aware of unauthorized access to its systems but did not disclose the specific type of breach.”

Title: Lack of Data Readiness Threatens Digital Transformation in Healthcare
Date Published: April 13, 2022

https://www.helpnetsecurity.com/2022/04/13/healthcare-data-readiness/

Excerpt: “A majority of healthcare leaders have established digital transformation as a top priority spurred by the pandemic, yet they’re facing a chronic, underlying challenge that’s impeding their efforts: data readiness. As a result, the number of healthcare executives planning to invest in technologies designed to improve data readiness and support systemic interoperability is projected to jump 440% by 2025— the highest percentage of increased investment compared to other healthcare IT categories.”

Title: New Fraud on the Block Causes Bank Losses to Rise
Date Published: April 13, 2022

https://www.bankinfosecurity.com/new-fraud-on-block-causes-bank-losses-to-rise-a-18867

Excerpt: “A new type of identity fraud now plaguing financial institutions, including banks, has increased 109% year on year in 2021. This increase is a result of traditional banks offering more online lending and depository products, while digital banks, with untested fraud and compliance protocols, are under pressure to show rapid customer growth.”

Title: Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers
Date Published: April 13, 2022

https://thehackernews.com/2022/04/microsoft-exposes-evasive-chinese.html

Excerpt: “The Chinese-backed Hafnium hacking group has been linked to a piece of a new malware that’s used to maintain persistence on compromised Windows environments. The threat actor is said to have targeted entities in the telecommunication, internet service provider and data services sectors from August 2021 to February 2022, expanding from the initial victimology patterns observed during its attacks exploiting the then zero-day flaws in Microsoft Exchange Servers in March 2021.”

Title: 80% of Software Codebases Contain at Least One Vulnerability
Date Published: April 12, 2022

https://www.darkreading.com/application-security/80-of-software-codebases-contain-at-least-one-vulnerability

Excerpt: “Open source software’s share of the typical codebase grew to 78% in 2021, yet companies continued to use components that are out of date and no longer maintained, leaving their software potentially vulnerable, a new study shows. The vast majority of software codebases contain at least one vulnerability (81%), use an open source component that is more than four years out of date (85%), and contain components that have had no development in the past two years (88%), according to Synopsys’ annual “Open Source Software Risk Analysis” (OSSRA) report, published this week. However, many of the data points show improvement over last year, when 84% of codebases had at least one vulnerability and 91% had no development activity in the previous two years.”

Title: Microsoft: Windows Server Now Supports Automatic .NET Updates
Date Published: April 12, 2022

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-server-now-supports-automatic-net-updates/

Excerpt: “Microsoft says Windows admins can now opt into automatic updates for .NET Framework and .NET Core via Microsoft Update (MU) on Windows Server systems. The new option has started rolling out today, and once you opt-in, it will add .NET Core 3.1, .NET 5.0, and .NET 6.0 to the Automatic Updates channel as a third option on top of Windows Server Update Services (WSUS) and Microsoft Update Catalog.”

Title: Operation TOURNIQUET: Authorities Shut Down Dark Web Marketplace RaidForums
Date Published: April 12, 2022

https://securityaffairs.co/wordpress/130131/deep-web/authorities-shut-down-raidforums.html

Excerpt: “The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Operation TOURNIQUET was conducted by law enforcement agencies from the United States, United Kingdom, Sweden, Portugal, and Romania. The law enforcement arrested the administrator of the marketplace and two of his accomplices.”

Title: Microsoft Fixes Actively Exploited Zero-Day Reported by the NSA (CVE-2022-24521)
Date Published: April 12, 2022

https://www.helpnetsecurity.com/2022/04/12/cve-2022-24521/

Excerpt: “On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and another (CVE-2022-26904) for which there’s already a PoC and a Metasploit module.”
