April 19, 2022

Fortify Security Team
Apr 19, 2022

Title: LinkedIn Brand Takes Lead as Most Impersonated in Phishing Attacks
Date Published: April 19, 2022

https://www.bleepingcomputer.com/news/security/linkedin-brand-takes-lead-as-most-impersonated-in-phishing-attacks/

Excerpt: “Security researchers are warning that LinkedIn has become the most spoofed brand in phishing attacks, accounting for more than 52% of all such incidents at a global level. The data comes cybersecurity company Check Point, who recorded a dramatic uptick in LinkedIn brand abuse in phishing incidents in the first quarter of this year.”

Title: Kaspersky Releases a Free Decryptor for Yanluowang Ransomware
Date Published: April 19, 2022

https://securityaffairs.co/wordpress/130369/malware/yanluowang-ransomware-free-decryptor.html

Excerpt: “Researchers from Kaspersky discovered a vulnerability in the encryption process of the Yanluowang ransomware that can be exploited to recover the files encrypted by the malware without paying the ransom. The Yanluowang ransomware was first spotted by researchers from Symantec Threat Hunter Team in October 2021, the malware was used in highly targeted attacks against large enterprises.”

Title: 81% of Codebases Contain Known Open Source Vulnerabilities
Date Published: April 19, 2022

https://www.helpnetsecurity.com/2022/04/19/open-source-usage-trends/

Excerpt: “Synopsys released a report which examines the results of more than 2,400 audits of commercial and proprietary codebases from merger and acquisition transactions, and highlights trends in open source usage within commercial and proprietary applications and provides insights to help developers better understand the interconnected software ecosystem.”

Title: Experts Uncover Spyware Attacks Against Catalan Politicians and Activists
Date Published: April 19, 2022

https://thehackernews.com/2022/04/experts-uncover-spyware-attacks-against.html

Excerpt: “A previously unknown zero-click exploit in Apple’s iMessage was used to install mercenary spyware from NSO Group and Candiru against at least 65 individuals as part of a “multi-year clandestine operation.” “Victims included Members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organizations,” the University of Toronto’s Citizen Lab said in a new report. “Family members were also infected in some cases.”

Title: A Single Email Account Hack Spurs Breach Notice for 503K Christie Clinic Patients
Date Published: April 18, 2022

https://www.scmagazine.com/analysis/breach/a-single-email-account-hack-spurs-breach-notice-for-503k-christie-clinic-patients

Excerpt: “Just because death and taxes are a certainty, it does not mean that individual and business taxpayers need fall prey to the growing raft of tax-related scams that experts have seen recently. Cybercrime rings have utilized a variety of tricky email- and online-based approaches to steal privileged data or funds, or just to infiltrate the networks of their victims, under the guise of the IRS.”

Title: Security-as-Code Gains More Support, but Still Nascent
Date Published: April 18, 2022

https://www.darkreading.com/cloud/security-as-code-gains-more-support-but-still-nascent

Excerpt: “The increased adoption of cloud infrastructure by companies looking to improve agility and support a hybrid workforce has led to more development teams adopting security-as-code as a way to build security into software and products. Over the past year, for example, Google has pushed security-as-code as a fundamental component of its cloud offerings, identifying in January “software-defined infrastructure” as one of the eight megatrends driving the security of the cloud. Encoding security configuration as code that can be an input into development and deployment processes lets organizations analyze their security configuration, change and redeploy easily, and continuously monitor the state of their security configuration to evaluate whether it matches policies.”

Title: New Stealthy BotenaGo Malware Variant Targets DVR Devices
Date Published: April  19, 2022

https://www.bleepingcomputer.com/news/security/new-stealthy-botenago-malware-variant-targets-dvr-devices/

Excerpt: “Threat analysts have spotted a new variant of the BotenaGo botnet malware, and it’s the stealthiest seen so far, running undetected by any anti-virus engine. BotenaGo is a relatively new malware written in Golang, Google’s open-source programming language. The source code for the botnet has been publicly available for about half a year, since it was leaked in October 2021.”

Title: NSO Group Pegasus Spyware Leverages New Zero-Click iPhone Exploit in Recent Attacks
Date Published: April 19, 2022

https://securityaffairs.co/wordpress/130360/malware/nso-group-pegasus-click-iphone-exploit.html

Excerpt: “Researchers from Citizen Lab have published a report detailing the use of a new zero-click iMessage exploit, dubbed HOMAGE, to install the NSO Group Pegasus spyware on iPhones belonging to Catalan politicians, journalists, academics, and activists. The previously undocumented zero-click iMessage exploit HOMAGE works in attacks against iOS versions before 13.2.”

Title: New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops
Date Published: April 19, 2022

https://thehackernews.com/2022/04/new-lenovo-uefi-firmware.html

Excerpt: “Three high-impact Unified Extensible Firmware Interface (UEFI) security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices. Tracked as CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, the latter two “affect firmware drivers originally meant to be used only during the manufacturing process of Lenovo consumer notebooks,” ESET researcher Martin Smolár said in a report published today.”

Title: US Warns of Lazarus Hackers Using Malicious Cryptocurrency Apps
Date Published: April 18, 2022

https://www.bleepingcomputer.com/news/security/us-warns-of-lazarus-hackers-using-malicious-cryptocurrency-apps/

Excerpt: “The U.S. government is offering a reward of up to $5 million for information that helps it disrupt the illicit flow of funds to North Korea. The State Department’s Rewards for Justice program on Friday announced that it’s seeking information that leads to “the disruption of financial mechanisms of persons engaged in certain activities that support North Korea, including money laundering, exportation of luxury goods to North Korea, specified cyber-activity” and anything that supports the country’s weapons of mass destruction programs.”

Recent Posts

May 6, 2022

Title: Google Docs Crashes on Seeing "And. And. And. And. And." Date Published: May 6, 2022 https://www.bleepingcomputer.com/news/technology/google-docs-crashes-on-seeing-and-and-and-and-and/ Excerpt: “A bug in Google Docs is causing it to crash when a series of words...

May 5, 2022

Title: Tor Project Upgrades Network Speed Performance with New System Date Published: May 5, 2022 https://www.bleepingcomputer.com/news/security/tor-project-upgrades-network-speed-performance-with-new-system/ Excerpt: “The Tor Project has published details about a...

May 3, 2022

Title: Aruba and Avaya Network Switches are Vulnerable to RCE Attacks Date Published: May 3, 2022 https://www.bleepingcomputer.com/news/security/aruba-and-avaya-network-switches-are-vulnerable-to-rce-attacks/ Excerpt: “Security researchers have discovered five...

May 2, 2022

Title: U.S. DoD Tricked into Paying $23.5 Million to Phishing Actor Date Published: May 2, 2022 https://www.bleepingcomputer.com/news/security/us-dod-tricked-into-paying-235-million-to-phishing-actor/ Excerpt: “The U.S. Department of Justice (DoJ) has announced the...

April 29, 2022

Title: EmoCheck now Detects New 64-bit Versions of Emotet Malware Date Published: April 28, 2022 https://www.bleepingcomputer.com/news/security/emocheck-now-detects-new-64-bit-versions-of-emotet-malware/ Excerpt: “The Japan CERT has released a new version of their...

April 28, 2022

Title: New Bumblebee Malware Takes Over BazarLoader's Ransomware Delivery Date Published: April 28, 2022 https://www.bleepingcomputer.com/news/security/new-bumblebee-malware-takes-over-bazarloaders-ransomware-delivery/ Excerpt: “A newly discovered malware loader...

April 27, 2022

Title: Chinese State-Backed Hackers now Target Russian State Officers Date Published: April 27, 2022 https://www.bleepingcomputer.com/news/security/chinese-state-backed-hackers-now-target-russian-state-officers/ Excerpt: “Security researchers analyzing a phishing...