April 5, 2022

Fortify Security Team

Title: Microsoft Fixes IE11 Known Issue Blocking Windows 11 Upgrades
Date Published: April 5, 2022

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-ie11-known-issue-blocking-windows-11-upgrades/

Excerpt: “Microsoft has removed a compatibility hold blocking Windows 11 upgrades for Windows 10 customers after fixing a known issue leading to problems importing Internet Explorer 11 (IE11) data into Microsoft Edge. The safeguard hold was applied for Windows 10 systems where IE11 was the main or the default browser. The only customers impacted by the now-fixed known issue were those who didn’t import their IE11 information into Microsoft Edge before starting the Windows 11 upgrade process.”

Title: CISA adds Spring4Shell Flaw to its Known Exploited Vulnerabilities Catalog
Date Published: April 5, 2022

https://securityaffairs.co/wordpress/129838/security/cisa-adds-spring4shell-flaw-to-its-known-exploited-vulnerabilities-catalog.html

Excerpt: “The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the recently disclosed CVE-2022-22965 (aka Spring4Shell, CVSS score: 9.8) flaw in the Spring Framework, along with three other issues, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.”

Title: Utilizing Biological Algorithms to Detect Cyber Attacks
Date Published: April 5, 2022

https://www.helpnetsecurity.com/2022/04/05/bioinformatics-phishing/

Excerpt: “Phishing, a longstanding cyberattack technique through which attackers impersonate others to gain access to confidential information, has become immensely popular as of late, hitting an all-time high in December 2021, with attacks tripling since the previous year.”

Title: Hackers Target Wind Turbine Manufacturer Nordex
Date Published: April 4, 2022

https://www.bankinfosecurity.com/hackers-target-wind-turbine-manufacturer-nordex-a-18833

Excerpt: “German wind turbine manufacturer Nordex has switched off its IT systems in multiple locations after a reported cybersecurity incident. The company says that customers, employees and other stakeholders may be affected by the shutdown. The Nordex Group, along with its subsidiaries, develops, manufactures and distributes wind power systems across the world.”

Title: Despite Hopes for Decline, Ransomware Attacks Increased During Russia-Ukraine Conflict
Date Published: April 5, 2022

https://www.scmagazine.com/analysis/ransomware/despite-hopes-for-decline-ransomware-attacks-increased-during-russia-ukraine-conflict

Excerpt: “There are a bevy of reasons that ransomware attacks should have declined during the Russian invasion of Ukraine. Squabbles between Ukrainian affiliates and Russian Ransomware designers. Destruction of Ukrainian infrastructure. Enlistments. Fear of boiling the emerging cold war.”

Title: Apple Gift Card Scammers Sentenced for Role in $1.5M Fraud
Date Published: April 4, 2022

https://www.darkreading.com/attacks-breaches/apple-gift-card-scammers-sentenced-for-role-in-1-5m-fraud

Excerpt: “Two men who engineered a massive gift card scam against Apple have been sentenced to federal prison for a $1.5 million Apple gift card scheme that included the theft of several Apple store point-of-sale systems in order to load credits onto gift cards that they then used to purchase Apple products.”

Title: Ukraine Spots Russian-Linked ‘Armageddon’ Phishing Attacks
Date Published: April 5, 2022

https://www.bleepingcomputer.com/news/security/ukraine-spots-russian-linked-armageddon-phishing-attacks/

Excerpt: “The Computer Emergency Response Team of Ukraine (CERT-UA) has spotted new phishing attempts attributed to the Russian threat group tracked as Armageddon (Gamaredon). The malicious emails attempt to trick the recipients with lures themed after the war in Ukraine and infect the target systems with espionage-focused malware.”

Title: MailChimp Breached, Intruders Conducted Phishing Attacks Against Crypto Customers
Date Published: April 5, 2022

https://securityaffairs.co/wordpress/129831/data-breach/mailchimp-breached-cryptocurrency-phishing.html

Excerpt: “During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. The fake data breach notification emails urged Trezor customers to reset the PIN of their hardware wallets by downloading malicious software that could have allowed attackers to steal the funds in the wallets.”

Title: 49% of Small Medical Practices Don’t have a Cyberattack Response Plan
Date Published: April 5, 2022

https://www.helpnetsecurity.com/2022/04/05/cyberattacks-healthcare-providers/

Excerpt: “Sophisticated cyberattacks are crippling healthcare providers by posing a threat to core functions and patient privacy, according to Software Advice survey. Findings reveal that 22% of small practices and 45% of large practices have experienced a ransomware attack at some point, with numbers rising in the past three years. Small practices risk more significant losses in the event of a cyberattack, often due to lack of training and inadequate security technology.”

Title: Germany Shuts Down Russian Hydra Darknet Market; Seizes $25 Million in Bitcoin
Date Published: April 5, 2022

https://thehackernews.com/2022/04/germany-shuts-down-russian-hydra.html

Excerpt: “Germany’s Federal Criminal Police Office, the Bundeskriminalamt (BKA), on Tuesday announced the official takedown of Hydra, the world’s largest illegal dark web marketplace that has cumulatively facilitated over $5 billion in Bitcoin transactions to date. “Bitcoins amounting to currently the equivalent of approximately €23 million were seized, which are attributed to the marketplace,” the BKA said in a press release. Blockchain analytics firm Elliptic confirmed that the seizure occurred on April 5, 2022 in a series of 88 transactions amounting to 543.3 BTC.”
