April 25, 2022

Fortify Security Team
Apr 25, 2022

Title: New Powerful Prynt Stealer Malware Sells for just $100 per Month
Date Published: April 25, 2022

https://www.bleepingcomputer.com/news/security/new-powerful-prynt-stealer-malware-sells-for-just-100-per-month/

Excerpt: “Threat analysts have spotted yet another addition to the growing space of info-stealer malware infections, named Prynt Stealer, which offers powerful capabilities and extra keylogger and clipper modules. Prynt Stealer targets a large selection of web browsers, messaging apps, and gaming apps and can also perform direct financial compromise.”

Title: BlackCat Ransomware Gang Breached Over 60 orgs Worldwide
Date Published: April 25, 2022

https://securityaffairs.co/wordpress/130582/reports/fbi-blackcat-ransomware.html

Excerpt: “The U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November. “The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks involving BlackCat/ALPHV, a Ransomware-as-a-Service that has compromised at least 60 entities worldwide.” reads the flash advisory. “CISA encourages users and administrators to review the IOCs and technical details in FBI Flash CU-000167-MW and apply the recommended mitigations.” The list of the victims of the gang includes Moncler, the Swissport, and Inetum.”

Title: 41% of Businesses had an API Security Incident Last Year
Date Published: April 25, 2022

https://www.helpnetsecurity.com/2022/04/25/apis-security-challenges/

Excerpt: “In the wake of the digital transformation wave, web application program interfaces (APIs) have experienced exponential growth as the rise of integrated web and mobile-based offerings requires significantly more data sharing across products. As dependency on APIs increases, so do its related security challenges like broken authentication, authorization, and accidental disclosure or breach of data.”

Title: T-Mobile Breached Again; Lapsus$ Behind the Attack
Date Published: April 23, 2022

https://www.bankinfosecurity.com/t-mobile-breached-again-lapsus-behind-attack-a-18956

Excerpt: “The U.S. telecom carrier T-Mobile has confirmed that the Lapsus$ ransomware group has breached its internal network by compromising employee accounts, according to multiple media reports. But, it says, hackers did not steal any sensitive customer or government information during the incident.”

Title: Critical Bug in Everscale Wallet Could’ve Let Attackers Steal Cryptocurrencies
Date Published: April 25, 2022

https://thehackernews.com/2022/04/critical-bug-in-everscale-wallet.html

Excerpt: “A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an attacker to gain full control over a victim’s wallet. “By exploiting the vulnerability, it’s possible to decrypt the private keys and seed phrases that are stored in the browser’s local storage,” Israeli cybersecurity company Check Point said in a report shared with The Hacker News. “In other words, attackers could gain full control over the victim’s wallets.” Ever Surf is a cryptocurrency wallet for the Everscale (formerly FreeTON) blockchain that also doubles up as a cross-platform messenger and allows users to access decentralized apps as well as send and receive non-fungible tokens (NFTs). It’s said to have an estimated 669,700 accounts across the world.

Title: Visa Takes a More Aggressive Stand on Cybersecurity
Date Published: April 22, 2022

https://www.scmagazine.com/analysis/identity-and-access/visa-takes-a-more-aggressive-stand-on-cybersecurity

Excerpt: “Earlier this week, Visa set a more ambitious stance on cybersecurity, blogging about the company’s commitment to IT security in the face of heightened digital security concerns. The premier credit card brand pointed out that internet fraud surged by 69% in 2020 alone, according to the FBI Internet Crime Report. Yet despite this rise in cybercrime, Visa reported record-lows in cyber fraud, as the company has invested more than $9 billion over the past five years in security innovation and analytics.”

Title: Quantum Ransomware seen Deployed in Rapid Network Attacks
Date Published: April  25, 2022

https://www.bleepingcomputer.com/news/security/quantum-ransomware-seen-deployed-in-rapid-network-attacks/

Excerpt: “The Quantum ransomware, a strain first discovered in August 2021, were seen carrying out speedy attacks that escalate quickly, leaving defenders little time to react. The threat actors are using the IcedID malware as one of their initial access vectors, which deploys Cobalt Strike for remote access and leads to data theft and encryption using Quantum Locker. The technical details of a Quantum ransomware attack were analyzed by security researchers at The DFIR Report, who says the attack lasted only 3 hours and 44 minutes from initial infection to the completion of encrypting devices.”

Title: Atlassian addresses a critical Jira authentication bypass flaw
Date Published: April 24, 2022

https://securityaffairs.co/wordpress/130564/hacking/atlassian-jira-authentication-bypass-issue.html

Excerpt: “Atlassian has addressed a critical vulnerability in its Jira Seraph software, tracked as CVE-2022-0540 (CVSS score 9.9), that can be exploited by an unauthenticated attacker to bypass authentication. A threat actor could trigger the vulnerability by sending a specially crafted HTTP request to vulnerable software. The issue affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. The flaw also impacts Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.”

Title: New BotenaGo Malware Variant Targeting Lilin Security Camera DVR Devices
Date Published: April 25, 2022

https://thehackernews.com/2022/04/new-botenago-malware-variant-targeting.html

Excerpt: “A new variant of an IoT botnet called BotenaGo has emerged in the wild, specifically singling out Lilin security camera DVR devices to infect them with Mirai malware. Dubbed “Lilin Scanner” by Nozomi Networks, the latest version is designed to exploit a two-year-old critical command injection vulnerability in the DVR firmware that was patched by the Taiwanese company in February 2020.”

Title: ‘Hack DHS’ Bug Hunters Find 122 Security Flaws in DHS Systems
Date Published: April 22, 2022

https://www.bleepingcomputer.com/news/security/hack-dhs-bug-hunters-find-122-security-flaws-in-dhs-systems/

Excerpt: “The Department of Homeland Security (DHS) today revealed that bug bounty hunters enrolled in its ‘Hack DHS’ bug bounty program have found 122 security vulnerabilities in external DHS systems, 27 of them rated critical severity. DHS awarded a total of $125,600 to over 450 vetted security researchers and ethical hackers, with rewards of up to $5,000 per bug, depending on the flaw’s severity.”

Recent Posts

May 6, 2022

Title: Google Docs Crashes on Seeing "And. And. And. And. And." Date Published: May 6, 2022 https://www.bleepingcomputer.com/news/technology/google-docs-crashes-on-seeing-and-and-and-and-and/ Excerpt: “A bug in Google Docs is causing it to crash when a series of words...

May 5, 2022

Title: Tor Project Upgrades Network Speed Performance with New System Date Published: May 5, 2022 https://www.bleepingcomputer.com/news/security/tor-project-upgrades-network-speed-performance-with-new-system/ Excerpt: “The Tor Project has published details about a...

May 3, 2022

Title: Aruba and Avaya Network Switches are Vulnerable to RCE Attacks Date Published: May 3, 2022 https://www.bleepingcomputer.com/news/security/aruba-and-avaya-network-switches-are-vulnerable-to-rce-attacks/ Excerpt: “Security researchers have discovered five...

May 2, 2022

Title: U.S. DoD Tricked into Paying $23.5 Million to Phishing Actor Date Published: May 2, 2022 https://www.bleepingcomputer.com/news/security/us-dod-tricked-into-paying-235-million-to-phishing-actor/ Excerpt: “The U.S. Department of Justice (DoJ) has announced the...

April 29, 2022

Title: EmoCheck now Detects New 64-bit Versions of Emotet Malware Date Published: April 28, 2022 https://www.bleepingcomputer.com/news/security/emocheck-now-detects-new-64-bit-versions-of-emotet-malware/ Excerpt: “The Japan CERT has released a new version of their...

April 28, 2022

Title: New Bumblebee Malware Takes Over BazarLoader's Ransomware Delivery Date Published: April 28, 2022 https://www.bleepingcomputer.com/news/security/new-bumblebee-malware-takes-over-bazarloaders-ransomware-delivery/ Excerpt: “A newly discovered malware loader...

April 27, 2022

Title: Chinese State-Backed Hackers now Target Russian State Officers Date Published: April 27, 2022 https://www.bleepingcomputer.com/news/security/chinese-state-backed-hackers-now-target-russian-state-officers/ Excerpt: “Security researchers analyzing a phishing...