April 14, 2022

Fortify Security Team

Title: Flaw in Rarible NFT Market Allowed Tricky Crypto Asset Transfers

Date Published: April 14, 2022

https://www.bleepingcomputer.com/news/security/flaw-in-rarible-nft-market-allowed-tricky-crypto-asset-transfers/

Excerpt: “A security flaw in the Rarible NFT (non-fungible token) marketplace allowed threat actors to use a relatively simple trick to steal digital assets and transfer them directly into their wallets. Rarible is a community-centric NFT marketplace that offers up to 50% in royalties, having 2.1 million registered users, hundreds of millions U.S. dollars in annual trading volumes, and support for three blockchains.”

Title: Critical VMware Workspace ONE Access CVE-2022-22954 flaw actively exploited

Date Published: April 14, 2022

https://securityaffairs.co/wordpress/130188/hacking/vmware-workspace-one-access-flaw-attacks.html

Excerpt: “Threat actors are actively exploiting a critical flaw, tracked as CVE-2022-22954, in VMware Workspace ONE Access and Identity Manager recently patched by the vendor. Researchers from cyber threat intelligence BadPackets also reported that the vulnerability is actively exploited in the wild.”

Title: Feds Shut Down RaidForums Hacking Marketplace

Date Published: April 13, 2022

https://threatpost.com/shut-down-raidforums-hacking-marketplace/179279/

Excerpt: “U.S. law enforcement has shut down one of the largest cybercriminal online forums in the world and revealed the charges its Portuguese founder will face in federal court. However, the takedown is likely to only be a temporary blow to hackers, who will find other ways of buying and selling data stolen in cyber-attacks, security professionals noted.”

Title: New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt

Date Published: April 14, 2022

https://thehackernews.com/2022/04/new-enemybot-ddos-botnet-borrows.html

Excerpt: “A threat group that pursues crypto mining and distributed denial-of-service (DDoS) attacks has been linked to a new botnet called Enemybot, which has been discovered enslaving routers and Internet of Things (IoT) devices since last month. “This botnet is mainly derived from Gafgyt’s source code but has been observed to borrow several modules from Mirai’s original source code,” Fortinet FortiGuard Labs said in a report this week.”

Title: Insurance Companies Increasingly Fall Prey to Cyberattacks

Date Published: April 14, 2022

https://www.scmagazine.com/analysis/cybercrime/insurance-companies-increasingly-fall-prey-to-cyberattacks

Excerpt: “For many years, cybercriminals have focused their attacks on banks, credit unions and investment firms. But given the bounty of information held by insurance companies, it was only a matter of time before hackers started going after traditional insurance companies. In March 2020, one of the most notable breaches to hit the industry came to light, when it was made public that Chubb, one of the largest insurance companies in the world, had been hit by a ransomware attack. The New Jersey-based insurance company had fallen victim to Maze ransomware, a particularly sophisticated variant known to spread like wildfire throughout a network, and difficult to root out.”

Title: Identifying a Vulnerability in the SAP Software Supply Chain

Date Published: April 13, 2022

https://www.darkreading.com/vulnerabilities-threats/identifying-a-vulnerability-in-the-sap-software-supply-chain

Excerpt: “Software supply chain attacks, also called value-chain or third-party attacks, are emerging threats. This type of attack is often carried out by infiltrating a third party or outside partner that has access to your systems. Typically, the attacker’s intent is to access source codes, build processes, or update mechanisms by infecting legitimate apps and hijacking them to distribute malware. However, when it comes to targeting SAP systems, these types of attacks can be carried out by employees and also hit internal software deployment processes.”

Title: OldGremlin Ransomware Deploys New Malware on Russian Mining Org

Date Published: April 14, 2022

https://www.bleepingcomputer.com/news/security/oldgremlin-ransomware-deploys-new-malware-on-russian-mining-org/

Excerpt: “OldGremlin, a little-known threat actor that uses its particularly advanced skills to run carefully prepared, sporadic campaigns, has made a comeback last month after a gap of more than one year. The group distinguishes itself from other ransomware operations through the small number of campaigns – less than five since early 2021 – that target only businesses in Russia and the use of custom backdoors built in-house.”

Title: Microsoft has Taken Legal and Technical Action to Dismantle the Zloader Botnet

Date Published: April 14, 2022

https://securityaffairs.co/wordpress/130181/malware/microsoft-disrupts-zloader-malware-infrastructure.html

Excerpt: “Microsoft dismantled the C2 infrastructure used by the ZLoader trojan with the help of telecommunications providers around the world and cybersecurity firms. The IT giant obtained a court order that allowed it to sinkhole 65 domains used by the ZLoader operators along with an additional 319 currently registered DGA domains.”

Title: Ethereum Developer Jailed 63 Months for Helping North Korea Evade Sanctions

Date Published: April 14, 2022

https://thehackernews.com/2022/04/ethereum-developer-jailed-63-months-for.html

Excerpt: “The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Operation TOURNIQUET was conducted by law enforcement agencies from the United States, United Kingdom, Sweden, Portugal, and Romania. The law enforcement arrested the administrator of the marketplace and two of his accomplices.”

Title: Consumers Feel Data Leakage is Inevitable so Many Have Stopped Caring

Date Published: April 14, 2022

https://www.helpnetsecurity.com/2022/04/14/data-privacy-consumer-perceptions/

Excerpt: “Imperva releases findings from a global study on consumer perceptions of data privacy and trust in digital service providers. In an increasingly digital world, consumers feel trapped: sharing personal data is a requirement to use digital services, but the majority do not trust these organizations to protect their data.”
