April 13, 2022

Fortify Security Team

Title: Ethereum Dev Imprisoned for Helping North Korea Evade Sanctions
Date Published: April 12, 2022

https://www.bleepingcomputer.com/news/security/ethereum-dev-imprisoned-for-helping-north-korea-evade-sanctions/

Excerpt: “Virgil Griffith, a US cryptocurrency expert, was sentenced on Tuesday to 63 months in prison after pleading guilty to assisting the Democratic People’s Republic of Korea (DPRK) with technical info on how to evade sanctions. The sanctions imposed by the International Emergency Economic Powers Act (IEEPA) and Executive Order 13466 forbid the export of any goods, services, or technology to the DPRK without a Department of the Treasury license issued by the Office of Foreign Assets Control (OFAC).”

Title: JekyllBot:5 Flaws Allow Hacking TUG Autonomous Mobile Robots in Hospitals
Date Published: April 13, 2022

https://securityaffairs.co/wordpress/130157/security/jekyllbot5-flaws-tug-autonomous-mobile-robots.html

Excerpt: “Researchers at healthcare IoT security firm Cynerio discovered a collection of five vulnerabilities impacting TUG autonomous mobile robots, collectively named JekyllBot:5, that could be exploited by remote attackers to hack the devices. According to a US CISA advisory, the successful exploitation of these flaws could cause a denial-of-service condition, allow full control of robot functions, or expose sensitive information.”

Title: Menswear Brand Zegna Reveals Ransomware Attack
Date Published: April 12, 2022

https://threatpost.com/menswear-zegna-ransomware/179266/

Excerpt: “High-end Italian fashion house Ermenegildo Zegna revealed on Monday that it was the target of a ransomware attack last August — and that it managed to recover its systems from back-up without paying a ransom. The Milan-based firm already had revealed on Aug. 6, 2021, that it became aware of unauthorized access to its systems but did not disclose the specific type of breach.”

Title: Lack of Data Readiness Threatens Digital Transformation in Healthcare
Date Published: April 13, 2022

https://www.helpnetsecurity.com/2022/04/13/healthcare-data-readiness/

Excerpt: “A majority of healthcare leaders have established digital transformation as a top priority spurred by the pandemic, yet they’re facing a chronic, underlying challenge that’s impeding their efforts: data readiness. As a result, the number of healthcare executives planning to invest in technologies designed to improve data readiness and support systemic interoperability is projected to jump 440% by 2025— the highest percentage of increased investment compared to other healthcare IT categories.”

Title: New Fraud on the Block Causes Bank Losses to Rise
Date Published: April 13, 2022

https://www.bankinfosecurity.com/new-fraud-on-block-causes-bank-losses-to-rise-a-18867

Excerpt: “A new type of identity fraud now plaguing financial institutions, including banks, has increased 109% year on year in 2021. This increase is a result of traditional banks offering more online lending and depository products, while digital banks, with untested fraud and compliance protocols, are under pressure to show rapid customer growth.”

Title: Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers
Date Published: April 13, 2022

https://thehackernews.com/2022/04/microsoft-exposes-evasive-chinese.html

Excerpt: “The Chinese-backed Hafnium hacking group has been linked to a piece of a new malware that’s used to maintain persistence on compromised Windows environments. The threat actor is said to have targeted entities in the telecommunication, internet service provider and data services sectors from August 2021 to February 2022, expanding from the initial victimology patterns observed during its attacks exploiting the then zero-day flaws in Microsoft Exchange Servers in March 2021.”

Title: 80% of Software Codebases Contain at Least One Vulnerability
Date Published: April 12, 2022

https://www.darkreading.com/application-security/80-of-software-codebases-contain-at-least-one-vulnerability

Excerpt: “Open source software’s share of the typical codebase grew to 78% in 2021, yet companies continued to use components that are out of date and no longer maintained, leaving their software potentially vulnerable, a new study shows. The vast majority of software codebases contain at least one vulnerability (81%), use an open source component that is more than four years out of date (85%), and contain components that have had no development in the past two years (88%), according to Synopsys’ annual “Open Source Software Risk Analysis” (OSSRA) report, published this week. However, many of the data points show improvement over last year, when 84% of codebases had at least one vulnerability and 91% had no development activity in the previous two years.”

Title: Microsoft: Windows Server Now Supports Automatic .NET Updates
Date Published: April 12, 2022

https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-server-now-supports-automatic-net-updates/

Excerpt: “Microsoft says Windows admins can now opt into automatic updates for .NET Framework and .NET Core via Microsoft Update (MU) on Windows Server systems. The new option has started rolling out today, and once you opt-in, it will add .NET Core 3.1, .NET 5.0, and .NET 6.0 to the Automatic Updates channel as a third option on top of Windows Server Update Services (WSUS) and Microsoft Update Catalog.”

Title: Operation TOURNIQUET: Authorities Shut Down Dark Web Marketplace RaidForums
Date Published: April 12, 2022

https://securityaffairs.co/wordpress/130131/deep-web/authorities-shut-down-raidforums.html

Excerpt: “The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Operation TOURNIQUET was conducted by law enforcement agencies from the United States, United Kingdom, Sweden, Portugal, and Romania. The law enforcement arrested the administrator of the marketplace and two of his accomplices.”

Title: Microsoft Fixes Actively Exploited Zero-Day Reported by the NSA (CVE-2022-24521)
Date Published: April 12, 2022

https://www.helpnetsecurity.com/2022/04/12/cve-2022-24521/

Excerpt: “On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and another (CVE-2022-26904) for which there’s already a PoC and a Metasploit module.”
