April 4, 2022

Fortify Security Team
Apr 4, 2022

Title: Fake Trezor Data Breach Emails Used to Steal Cryptocurrency Wallets
Date Published: April 3, 2022

Excerpt: “A compromised Trezor hardware wallet mailing list was used to send fake data breach notifications to steal cryptocurrency wallets and the assets stored within them. Trezor is a hardware cryptocurrency wallet that allows you to store your crypto assets offline, rather than using cloud-based wallets or wallets stored on your PC that are more vulnerable to theft.”

Title: Borat RAT, a New RAT that Performs Ransomware and DDoS Attacks
Date Published: April 4, 2022


Excerpt: “Researchers from threat intelligence firm Cyble discovered a new RAT, named Borat, that enables operators to gain full access and remote control of an infected system. Unlike other RATs, the Borat RAT provides Ransomware and DDOS services to attackers expanding their capabilities.

The Borat RAT allows its operators to compile the malware binary for performing specific features, including DDoS and ransomware attacks.”

Title: Security Flaws Found in 82% of Public Sector Software Applications
Date Published: April 4, 2022


Excerpt: “Veracode has released new findings that show the public sector has the highest proportion of security flaws in its applications and maintains some of the lowest and slowest fix rates compared to other industry sectors. Analysis of data collected from 20 million scans across half a million applications revealed these sector-specific findings.”

Title: Lazarus Using Trojanized DeFi App to Deliver Malware
Date Published: April 1, 2022


Excerpt: “North Korean advanced persistent threat group Lazarus has emerged with a fresh spear-phishing campaign that uses a Trojanized DeFi application containing a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed.”

Title: Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles
Date Published: April 4, 2022

https://thehackernews.com/2022/04/brokenwire-hack-could-let-remote.html Excerpt “A group of academics from the University of Oxford and Armasuisse S+T has disclosed details of a new attack technique against the popular Combined Charging System (CCS) that could potentially disrupt the ability to charge electric vehicles at scale.”

Title: California Health Plan Facing Network Disruptions After Alleged Hive Ransomware Attack
Date Published: April 1, 2022

Excerpt: “Partnership HealthPlan of California (PHC) is currently experiencing computer system disruptions and working to recover its network with support from third-party forensic specialists. Multiple reports allege the Hive ransomware group is behind the attack.”

Title: NSA Employee Indicted for Sending Classified Data Outside the Agency
Date Published: April  1, 2022

Excerpt: “A National Security Agency employee is accused of sharing top-secret national security information with an unauthorized individual in the private sector, the US Department of Justice said. The employee was arrested and the indictment unsealed on March 31.”

Title: American Express Down in Outage: Users Report Login and Payment Issues
Date Published: April 2, 2022

Excerpt: “Yesterday, American Express users across the world including US, UK, and Europe, experienced widespread outages lasting hours. And, the payment services giant advises that some users may continue to experience issues online or over the phone. The issues reported by users included being unable to log in to their Amex accounts, make payments, or get to an Amex customer service representative over the phone.”

Title: Experts Discovered 15-Year-Old Vulnerabilities in the PEAR PHP Repository
Date Published: April 4, 2022


Excerpt: “Researchers from SonarSource discovered two 15-year-old security flaws in the PEAR (PHP Extension and Application Repository) repository that could have enabled supply chain attacks. PEAR is a framework and distribution system for reusable PHP components. According to the expert, the critical vulnerability in a central component of the PHP supply chain could have been easily exploited by low-skilled threat actors to cause important disruption.”

Title: Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware
Date Published: April 4, 2022

Excerpt: “At least three different advanced persistent threat (APT) groups from across the world have launched spear-phishing campaigns in mid-March 2022 using the ongoing Russo-Ukrainian war as a lure to distribute malware and steal sensitive information. The campaigns, undertaken by El Machete, Lyceum, and SideWinder, have targeted a variety of sectors, including energy, financial, and governmental sectors in Nicaragua, Venezuela, Israel, Saudi Arabia, and Pakistan.”

Recent Posts

June 10, 2022

Title: Bizarre Ransomware Sells Decryptor on Roblox Game Pass Store Date Published: June 9, 2022 https://www.bleepingcomputer.com/news/security/bizarre-ransomware-sells-decryptor-on-roblox-game-pass-store/ Excerpt: “A new ransomware is taking the unusual approach of...

June 9, 2022

Title: New Symbiote Malware Infects all Running Processes on Linux Systems Date Published: June 9, 2022 https://www.bleepingcomputer.com/news/security/new-symbiote-malware-infects-all-running-processes-on-linux-systems/ Excerpt: “A newly discovered Linux malware known...

June 8, 2022

Title: Surfshark, ExpressVPN pull out of India Over Data Retention Laws Date Published: June 7, 2022 https://www.bleepingcomputer.com/news/legal/surfshark-expressvpn-pull-out-of-india-over-data-retention-laws/ Excerpt: “Surfshark announced today they are shutting down...

June 6, 2022

Title: Italian City of Palermo Shuts Down all Systems to Fend off Cyberattack Date Published: June 6, 2022 https://www.bleepingcomputer.com/news/security/italian-city-of-palermo-shuts-down-all-systems-to-fend-off-cyberattack/ Excerpt: “The municipality of Palermo in...

June 3, 2022

Title: Critical Atlassian Confluence Zero-Day Actively Used in Attack Date Published: June 2, 2022 https://www.bleepingcomputer.com/news/security/critical-atlassian-confluence-zero-day-actively-used-in-attacks/ Excerpt: “Hackers are actively exploiting a new Atlassian...

June 2, 2022

Title: Conti Ransomware Targeted Intel Firmware for Stealthy Attacks Date Published: June 2, 2022 https://www.bleepingcomputer.com/news/security/conti-ransomware-targeted-intel-firmware-for-stealthy-attacks/ Excerpt: “Researchers analyzing the leaked chats of the...

June 1, 2022

Title: Ransomware Attacks Need Less Than Four Days to Encrypt Systems Date Published: June 1, 2022 https://www.bleepingcomputer.com/news/security/ransomware-attacks-need-less-than-four-days-to-encrypt-systems/ Excerpt: “The duration of ransomware attacks in 2021...