April 4, 2022

Fortify Security Team
Apr 4, 2022

Title: Fake Trezor Data Breach Emails Used to Steal Cryptocurrency Wallets
Date Published: April 3, 2022

https://www.bleepingcomputer.com/news/security/fake-trezor-data-breach-emails-used-to-steal-cryptocurrency-wallets/
Excerpt: “A compromised Trezor hardware wallet mailing list was used to send fake data breach notifications to steal cryptocurrency wallets and the assets stored within them. Trezor is a hardware cryptocurrency wallet that allows you to store your crypto assets offline, rather than using cloud-based wallets or wallets stored on your PC that are more vulnerable to theft.”

Title: Borat RAT, a New RAT that Performs Ransomware and DDoS Attacks
Date Published: April 4, 2022

https://securityaffairs.co/wordpress/129805/malware/borat-rat-a-new-rat-that-performs-ransomware-and-ddos-attacks.html

Excerpt: “Researchers from threat intelligence firm Cyble discovered a new RAT, named Borat, that enables operators to gain full access and remote control of an infected system. Unlike other RATs, the Borat RAT provides Ransomware and DDOS services to attackers expanding their capabilities.

The Borat RAT allows its operators to compile the malware binary for performing specific features, including DDoS and ransomware attacks.”

Title: Security Flaws Found in 82% of Public Sector Software Applications
Date Published: April 4, 2022

https://www.helpnetsecurity.com/2022/04/04/public-sector-applications-security/

Excerpt: “Veracode has released new findings that show the public sector has the highest proportion of security flaws in its applications and maintains some of the lowest and slowest fix rates compared to other industry sectors. Analysis of data collected from 20 million scans across half a million applications revealed these sector-specific findings.”

Title: Lazarus Using Trojanized DeFi App to Deliver Malware
Date Published: April 1, 2022

https://www.bankinfosecurity.com/lazarus-using-trojanized-defi-app-to-deliver-malware-a-18829

Excerpt: “North Korean advanced persistent threat group Lazarus has emerged with a fresh spear-phishing campaign that uses a Trojanized DeFi application containing a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed.”

Title: Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles
Date Published: April 4, 2022

https://thehackernews.com/2022/04/brokenwire-hack-could-let-remote.html Excerpt “A group of academics from the University of Oxford and Armasuisse S+T has disclosed details of a new attack technique against the popular Combined Charging System (CCS) that could potentially disrupt the ability to charge electric vehicles at scale.”

Title: California Health Plan Facing Network Disruptions After Alleged Hive Ransomware Attack
Date Published: April 1, 2022

https://www.scmagazine.com/analysis/breach/california-health-plan-facing-network-disruptions-after-alleged-hive-ransomware-attack
Excerpt: “Partnership HealthPlan of California (PHC) is currently experiencing computer system disruptions and working to recover its network with support from third-party forensic specialists. Multiple reports allege the Hive ransomware group is behind the attack.”

Title: NSA Employee Indicted for Sending Classified Data Outside the Agency
Date Published: April  1, 2022

https://www.darkreading.com/attacks-breaches/nsa-employee-indicted-for-sending-classified-data-outside-the-agency
Excerpt: “A National Security Agency employee is accused of sharing top-secret national security information with an unauthorized individual in the private sector, the US Department of Justice said. The employee was arrested and the indictment unsealed on March 31.”

Title: American Express Down in Outage: Users Report Login and Payment Issues
Date Published: April 2, 2022

https://www.bleepingcomputer.com/news/security/american-express-down-in-outage-users-report-login-and-payment-issues/
Excerpt: “Yesterday, American Express users across the world including US, UK, and Europe, experienced widespread outages lasting hours. And, the payment services giant advises that some users may continue to experience issues online or over the phone. The issues reported by users included being unable to log in to their Amex accounts, make payments, or get to an Amex customer service representative over the phone.”

Title: Experts Discovered 15-Year-Old Vulnerabilities in the PEAR PHP Repository
Date Published: April 4, 2022

https://securityaffairs.co/wordpress/129797/hacking/pear-php-critical-flaws.html

Excerpt: “Researchers from SonarSource discovered two 15-year-old security flaws in the PEAR (PHP Extension and Application Repository) repository that could have enabled supply chain attacks. PEAR is a framework and distribution system for reusable PHP components. According to the expert, the critical vulnerability in a central component of the PHP supply chain could have been easily exploited by low-skilled threat actors to cause important disruption.”

Title: Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware
Date Published: April 4, 2022

https://thehackernews.com/2022/04/multiple-hacker-groups-capitalizing-on.html
Excerpt: “At least three different advanced persistent threat (APT) groups from across the world have launched spear-phishing campaigns in mid-March 2022 using the ongoing Russo-Ukrainian war as a lure to distribute malware and steal sensitive information. The campaigns, undertaken by El Machete, Lyceum, and SideWinder, have targeted a variety of sectors, including energy, financial, and governmental sectors in Nicaragua, Venezuela, Israel, Saudi Arabia, and Pakistan.”

Recent Posts

September 16, 2022

Title: Uber hacked, internal systems breached and vulnerability reports stolen Date Published: September 16, 2022 https://www.bleepingcomputer.com/news/security/uber-hacked-internal-systems-breached-and-vulnerability-reports-stolen/ Excerpt: “Uber suffered a...

September 15, 2022

Title: Webworm hackers modify old malware in new attacks to evade attribution Date Published: September 15, 2022 https://www.bleepingcomputer.com/news/security/webworm-hackers-modify-old-malware-in-new-attacks-to-evade-attribution/ Excerpt: “The Chinese 'Webworm'...

September 14, 2022

Title: Chinese hackers create Linux version of the SideWalk Windows malware Date Published: September 14, 2022 https://www.bleepingcomputer.com/news/security/chinese-hackers-create-linux-version-of-the-sidewalk-windows-malware/ Excerpt: “State-backed Chinese hackers...

September 13, 2022

Title: Cyberspies drop new infostealer malware on govt networks in Asia Date Published: September 13, 2022 https://www.bleepingcomputer.com/news/security/cyberspies-drop-new-infostealer-malware-on-govt-networks-in-asia/ Excerpt: “Security researchers have identified...

September 12, 2022

Title: Cisco confirms Yanluowang ransomware leaked stolen company data Date Published: September 12, 2022 https://www.bleepingcomputer.com/news/security/cisco-confirms-yanluowang-ransomware-leaked-stolen-company-data/ Excerpt: “Cisco has confirmed that the data leaked...

September 9, 2022

Title: Bumblebee Malware Adds Post-exploitation Tool for Stealthy Infections Date Published: September 8, 2022 https://www.bleepingcomputer.com/news/security/bumblebee-malware-adds-post-exploitation-tool-for-stealthy-infections/ Excerpt: “A new version of the...

September 8, 2022

Title: North Korean Lazarus Hackers Take Aim at U.S. Energy Providers Date Published: September 8, 2022 https://www.bleepingcomputer.com/news/security/north-korean-lazarus-hackers-take-aim-at-us-energy-providers/ Excerpt: “The North Korean APT group 'Lazarus' (APT38)...