April 25, 2022

Fortify Security Team
Apr 25, 2022

Title: New Powerful Prynt Stealer Malware Sells for just $100 per Month
Date Published: April 25, 2022


Excerpt: “Threat analysts have spotted yet another addition to the growing space of info-stealer malware infections, named Prynt Stealer, which offers powerful capabilities and extra keylogger and clipper modules. Prynt Stealer targets a large selection of web browsers, messaging apps, and gaming apps and can also perform direct financial compromise.”

Title: BlackCat Ransomware Gang Breached Over 60 orgs Worldwide
Date Published: April 25, 2022


Excerpt: “The U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November. “The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks involving BlackCat/ALPHV, a Ransomware-as-a-Service that has compromised at least 60 entities worldwide.” reads the flash advisory. “CISA encourages users and administrators to review the IOCs and technical details in FBI Flash CU-000167-MW and apply the recommended mitigations.” The list of the victims of the gang includes Moncler, the Swissport, and Inetum.”

Title: 41% of Businesses had an API Security Incident Last Year
Date Published: April 25, 2022


Excerpt: “In the wake of the digital transformation wave, web application program interfaces (APIs) have experienced exponential growth as the rise of integrated web and mobile-based offerings requires significantly more data sharing across products. As dependency on APIs increases, so do its related security challenges like broken authentication, authorization, and accidental disclosure or breach of data.”

Title: T-Mobile Breached Again; Lapsus$ Behind the Attack
Date Published: April 23, 2022


Excerpt: “The U.S. telecom carrier T-Mobile has confirmed that the Lapsus$ ransomware group has breached its internal network by compromising employee accounts, according to multiple media reports. But, it says, hackers did not steal any sensitive customer or government information during the incident.”

Title: Critical Bug in Everscale Wallet Could’ve Let Attackers Steal Cryptocurrencies
Date Published: April 25, 2022


Excerpt: “A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an attacker to gain full control over a victim’s wallet. “By exploiting the vulnerability, it’s possible to decrypt the private keys and seed phrases that are stored in the browser’s local storage,” Israeli cybersecurity company Check Point said in a report shared with The Hacker News. “In other words, attackers could gain full control over the victim’s wallets.” Ever Surf is a cryptocurrency wallet for the Everscale (formerly FreeTON) blockchain that also doubles up as a cross-platform messenger and allows users to access decentralized apps as well as send and receive non-fungible tokens (NFTs). It’s said to have an estimated 669,700 accounts across the world.

Title: Visa Takes a More Aggressive Stand on Cybersecurity
Date Published: April 22, 2022


Excerpt: “Earlier this week, Visa set a more ambitious stance on cybersecurity, blogging about the company’s commitment to IT security in the face of heightened digital security concerns. The premier credit card brand pointed out that internet fraud surged by 69% in 2020 alone, according to the FBI Internet Crime Report. Yet despite this rise in cybercrime, Visa reported record-lows in cyber fraud, as the company has invested more than $9 billion over the past five years in security innovation and analytics.”

Title: Quantum Ransomware seen Deployed in Rapid Network Attacks
Date Published: April  25, 2022


Excerpt: “The Quantum ransomware, a strain first discovered in August 2021, were seen carrying out speedy attacks that escalate quickly, leaving defenders little time to react. The threat actors are using the IcedID malware as one of their initial access vectors, which deploys Cobalt Strike for remote access and leads to data theft and encryption using Quantum Locker. The technical details of a Quantum ransomware attack were analyzed by security researchers at The DFIR Report, who says the attack lasted only 3 hours and 44 minutes from initial infection to the completion of encrypting devices.”

Title: Atlassian addresses a critical Jira authentication bypass flaw
Date Published: April 24, 2022


Excerpt: “Atlassian has addressed a critical vulnerability in its Jira Seraph software, tracked as CVE-2022-0540 (CVSS score 9.9), that can be exploited by an unauthenticated attacker to bypass authentication. A threat actor could trigger the vulnerability by sending a specially crafted HTTP request to vulnerable software. The issue affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. The flaw also impacts Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.”

Title: New BotenaGo Malware Variant Targeting Lilin Security Camera DVR Devices
Date Published: April 25, 2022


Excerpt: “A new variant of an IoT botnet called BotenaGo has emerged in the wild, specifically singling out Lilin security camera DVR devices to infect them with Mirai malware. Dubbed “Lilin Scanner” by Nozomi Networks, the latest version is designed to exploit a two-year-old critical command injection vulnerability in the DVR firmware that was patched by the Taiwanese company in February 2020.”

Title: ‘Hack DHS’ Bug Hunters Find 122 Security Flaws in DHS Systems
Date Published: April 22, 2022


Excerpt: “The Department of Homeland Security (DHS) today revealed that bug bounty hunters enrolled in its ‘Hack DHS’ bug bounty program have found 122 security vulnerabilities in external DHS systems, 27 of them rated critical severity. DHS awarded a total of $125,600 to over 450 vetted security researchers and ethical hackers, with rewards of up to $5,000 per bug, depending on the flaw’s severity.”

Recent Posts

July 17, 2023

Title: Thousands of Images on Docker Hub Leak Auth Secrets, Private Keys Date Published: July 16, 2023 https://www.bleepingcomputer.com/news/security/thousands-of-images-on-docker-hub-leak-auth-secrets-private-keys/ Excerpt: “Researchers at the RWTH Aachen University...

July 14, 2023

Title: Indexing Over 15 Million WordPress Websites with PWNPress Date Published: July 14, 2023 https://securityaffairs.com/148465/hacking/pwnpress-platform.html Excerpt: “Sicuranex’s PWNPress platform indexed over 15 million WordPress websites, it collects data...

December 9, 2022

Title: US Health Dept Warns of Royal Ransomware Targeting Healthcare Date Published: December 8, 2022 https://www.bleepingcomputer.com/news/security/us-health-dept-warns-of-royal-ransomware-targeting-healthcare/ Excerpt: “The U.S. Department of Health and Human...

December 8, 2022

Title: New ‘Zombinder’ Platform Binds Android Malware With Legitimate Apps Date Published: December 8, 2022 https://www.bleepingcomputer.com/news/security/new-zombinder-platform-binds-android-malware-with-legitimate-apps/ Excerpt: “A darknet platform dubbed...

December 7, 2022

Title: Fantasy – A New Agrius Wiper Deployed Through a Supply-Chain Attack Date Published: December 7, 2022 https://www.welivesecurity.com/2022/12/07/fantasy-new-agrius-wiper-supply-chain-attack/ Excerpt: “ESET researchers discovered a new wiper and its execution...

December 6, 2022

Title: This Badly Made Ransomware Can’t Decrypt Your Files, Even if You Pay the Ransom Date Published: December 6, 2022 https://www.zdnet.com/article/this-badly-made-ransomware-cant-decrypt-your-files-even-if-you-pay-the-ransom/ Excerpt: “Victims of a recently...

December 5, 2022

Title: SIM Swapper Gets 18-Months for Involvement in $22 Million Crypto Heist Date Published: December 3, 2022 https://www.bleepingcomputer.com/news/security/sim-swapper-gets-18-months-for-involvement-in-22-million-crypto-heist/ Excerpt: “Florida man Nicholas Truglia...