April 4, 2022

Fortify Security Team

Title: Fake Trezor Data Breach Emails Used to Steal Cryptocurrency Wallets
Date Published: April 3, 2022

Excerpt: “A compromised Trezor hardware wallet mailing list was used to send fake data breach notifications to steal cryptocurrency wallets and the assets stored within them. Trezor is a hardware cryptocurrency wallet that allows you to store your crypto assets offline, rather than using cloud-based wallets or wallets stored on your PC that are more vulnerable to theft.”

Title: Borat RAT, a New RAT that Performs Ransomware and DDoS Attacks
Date Published: April 4, 2022


Excerpt: “Researchers from threat intelligence firm Cyble discovered a new RAT, named Borat, that enables operators to gain full access and remote control of an infected system. Unlike other RATs, the Borat RAT provides Ransomware and DDOS services to attackers expanding their capabilities.

The Borat RAT allows its operators to compile the malware binary for performing specific features, including DDoS and ransomware attacks.”

Title: Security Flaws Found in 82% of Public Sector Software Applications
Date Published: April 4, 2022


Excerpt: “Veracode has released new findings that show the public sector has the highest proportion of security flaws in its applications and maintains some of the lowest and slowest fix rates compared to other industry sectors. Analysis of data collected from 20 million scans across half a million applications revealed these sector-specific findings.”

Title: Lazarus Using Trojanized DeFi App to Deliver Malware
Date Published: April 1, 2022


Excerpt: “North Korean advanced persistent threat group Lazarus has emerged with a fresh spear-phishing campaign that uses a Trojanized DeFi application containing a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed.”

Title: Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles
Date Published: April 4, 2022

https://thehackernews.com/2022/04/brokenwire-hack-could-let-remote.html

Excerpt: “A group of academics from the University of Oxford and Armasuisse S+T has disclosed details of a new attack technique against the popular Combined Charging System (CCS) that could potentially disrupt the ability to charge electric vehicles at scale.”

Title: California Health Plan Facing Network Disruptions After Alleged Hive Ransomware Attack
Date Published: April 1, 2022

Excerpt: “Partnership HealthPlan of California (PHC) is currently experiencing computer system disruptions and working to recover its network with support from third-party forensic specialists. Multiple reports allege the Hive ransomware group is behind the attack.”

Title: NSA Employee Indicted for Sending Classified Data Outside the Agency
Date Published: April 1, 2022

Excerpt: “A National Security Agency employee is accused of sharing top-secret national security information with an unauthorized individual in the private sector, the US Department of Justice said. The employee was arrested and the indictment unsealed on March 31.”

Title: American Express Down in Outage: Users Report Login and Payment Issues
Date Published: April 2, 2022

Excerpt: “Yesterday, American Express users across the world including US, UK, and Europe, experienced widespread outages lasting hours. And, the payment services giant advises that some users may continue to experience issues online or over the phone. The issues reported by users included being unable to log in to their Amex accounts, make payments, or get to an Amex customer service representative over the phone.”

Title: Experts Discovered 15-Year-Old Vulnerabilities in the PEAR PHP Repository
Date Published: April 4, 2022


Excerpt: “Researchers from SonarSource discovered two 15-year-old security flaws in the PEAR (PHP Extension and Application Repository) repository that could have enabled supply chain attacks. PEAR is a framework and distribution system for reusable PHP components. According to the expert, the critical vulnerability in a central component of the PHP supply chain could have been easily exploited by low-skilled threat actors to cause important disruption.”

Title: Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware
Date Published: April 4, 2022

Excerpt: “At least three different advanced persistent threat (APT) groups from across the world have launched spear-phishing campaigns in mid-March 2022 using the ongoing Russo-Ukrainian war as a lure to distribute malware and steal sensitive information. The campaigns, undertaken by El Machete, Lyceum, and SideWinder, have targeted a variety of sectors, including energy, financial, and governmental sectors in Nicaragua, Venezuela, Israel, Saudi Arabia, and Pakistan.”
