April 13, 2022

Fortify Security Team

Title: Ethereum Dev Imprisoned for Helping North Korea Evade Sanctions
Date Published: April 12, 2022


Excerpt: “Virgil Griffith, a US cryptocurrency expert, was sentenced on Tuesday to 63 months in prison after pleading guilty to assisting the Democratic People’s Republic of Korea (DPRK) with technical info on how to evade sanctions. The sanctions imposed by the International Emergency Economic Powers Act (IEEPA) and Executive Order 13466 forbid the export of any goods, services, or technology to the DPRK without a Department of the Treasury license issued by the Office of Foreign Assets Control (OFAC).”

Title: JekyllBot:5 Flaws Allow Hacking TUG Autonomous Mobile Robots in Hospitals
Date Published: April 13, 2022


Excerpt: “Researchers at healthcare IoT security firm Cynerio discovered a collection of five vulnerabilities impacting TUG autonomous mobile robots, collectively named JekyllBot:5, that could be exploited by remote attackers to hack the devices. According to a US CISA advisory, the successful exploitation of these flaws could cause a denial-of-service condition, allow full control of robot functions, or expose sensitive information.”

Title: Menswear Brand Zegna Reveals Ransomware Attack
Date Published: April 12, 2022


Excerpt: “High-end Italian fashion house Ermenegildo Zegna revealed on Monday that it was the target of a ransomware attack last August — and that it managed to recover its systems from back-up without paying a ransom. The Milan-based firm already had revealed on Aug. 6, 2021, that it became aware of unauthorized access to its systems but did not disclose the specific type of breach.”

Title: Lack of Data Readiness Threatens Digital Transformation in Healthcare
Date Published: April 13, 2022

Excerpt: “A majority of healthcare leaders have established digital transformation as a top priority spurred by the pandemic, yet they’re facing a chronic, underlying challenge that’s impeding their efforts: data readiness. As a result, the number of healthcare executives planning to invest in technologies designed to improve data readiness and support systemic interoperability is projected to jump 440% by 2025— the highest percentage of increased investment compared to other healthcare IT categories.”

Title: New Fraud on the Block Causes Bank Losses to Rise
Date Published: April 13, 2022

Excerpt: “A new type of identity fraud now plaguing financial institutions, including banks, has increased 109% year on year in 2021. This increase is a result of traditional banks offering more online lending and depository products, while digital banks, with untested fraud and compliance protocols, are under pressure to show rapid customer growth.”

Title: Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers
Date Published: April 13, 2022


Excerpt: “The Chinese-backed Hafnium hacking group has been linked to a piece of a new malware that’s used to maintain persistence on compromised Windows environments. The threat actor is said to have targeted entities in the telecommunication, internet service provider and data services sectors from August 2021 to February 2022, expanding from the initial victimology patterns observed during its attacks exploiting the then zero-day flaws in Microsoft Exchange Servers in March 2021.”

Title: 80% of Software Codebases Contain at Least One Vulnerability
Date Published: April 12, 2022


Excerpt: “Open source software’s share of the typical codebase grew to 78% in 2021, yet companies continued to use components that are out of date and no longer maintained, leaving their software potentially vulnerable, a new study shows. The vast majority of software codebases contain at least one vulnerability (81%), use an open source component that is more than four years out of date (85%), and contain components that have had no development in the past two years (88%), according to Synopsys’ annual “Open Source Software Risk Analysis” (OSSRA) report, published this week. However, many of the data points show improvement over last year, when 84% of codebases had at least one vulnerability and 91% had no development activity in the previous two years.”

Title: Microsoft: Windows Server Now Supports Automatic .NET Updates
Date Published: April 12, 2022


Excerpt: “Microsoft says Windows admins can now opt into automatic updates for .NET Framework and .NET Core via Microsoft Update (MU) on Windows Server systems. The new option has started rolling out today, and once you opt-in, it will add .NET Core 3.1, .NET 5.0, and .NET 6.0 to the Automatic Updates channel as a third option on top of Windows Server Update Services (WSUS) and Microsoft Update Catalog.”

Title: Operation TOURNIQUET: Authorities Shut Down Dark Web Marketplace RaidForums
Date Published: April 12, 2022


Excerpt: “The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Operation TOURNIQUET was conducted by law enforcement agencies from the United States, United Kingdom, Sweden, Portugal, and Romania. The law enforcement arrested the administrator of the marketplace and two of his accomplices.”

Title: Microsoft Fixes Actively Exploited Zero-Day Reported by the NSA (CVE-2022-24521)
Date Published: April 12, 2022

Excerpt: “On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and another (CVE-2022-26904) for which there’s already a PoC and a Metasploit module.”
