June 2, 2022

Fortify Security Team
Jun 2, 2022

Title: Conti Ransomware Targeted Intel Firmware for Stealthy Attacks
Date Published: June 2, 2022


Excerpt: “Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks. According to messages exchanged between members of the cybercrime syndicate, Conti developers had created proof-of-concept (PoC) code that leveraged Intel’s Management Engine (ME) to overwrite flash and gain SMM (System Management Mode) execution.”

Title: A Critical RCE Flaw in Horde Webmail has yet to be Addressed
Date Published: June 2, 2022


Excerpt: “Researchers from SonarSource discovered a remote code execution vulnerability (CVE-2022-30287) in the open-source Horde Webmail client. Horde Webmail allows users to manage contacts, the flaw could be exploited by an authenticated user of a Horde instance to take over an email server by sending a specially crafted email to a victim.”

Title: Microsoft Office Apps are Vulnerable to IDN Homograph Attacks
Date Published: June 2, 2022


Excerpt: “Microsoft Office apps – including Outlook and Teams – are vulnerable to homograph attacks based on internationalized domain names (IDNs). In practice, this means that users hovering above a link in a phishing email, a Word or Excel document they have received, or a message sent via Teams, can’t tell that it will direct them to a spoofed malicious domain that’s not what it purports to be.”

Title: Scammers Target NFT Discord Channel
Date Published: June 2, 2022


Excerpt: “Discord a public chat application designed for gamers has grown popular among crypto owners all over the world. Attackers are targeting the Discord servers of several popular nonfungible token (NFT) projects. Josh Fraser founder of Origin protocol shared a thread on Twitter earlier this month, revealing the issue and warning the user about the integrity of the Discord private channels. Fraser added that the issue was quickly closed as a “duplicate issue” when responsibly disclosed to the team of Discord.”

Title: Russian Forces Disable South Ukraine Communications – Again
Date Published: June 1, 2022


Excerpt: “”All communications” in the southern Ukrainian city of Kherson has been hit, the State Service of Special Communications and Information Protection of Ukraine said in an alert on Tuesday, as communication solutions providers – internet, landline and mobile phone – have detected disruptions and subsequent shutdowns of their services.”

Title: Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones
Date Published: June  2, 2022


Excerpt: “A critical security flaw has been uncovered in UNISOC’s smartphone chipset that could be potentially weaponized to disrupt a smartphone’s radio communications through a malformed packet. “Left unpatched, a hacker or a military unit can leverage such a vulnerability to neutralize communications in a specific location,” Israeli cybersecurity company Check Point said in a report shared with The Hacker News. “The vulnerability is in the modem firmware, not in the Android OS itself.””

Title: Behavioral Biometrics Reduce Fraud Losses for Oft-Targeted Zelle Payments
Date Published: June  1, 2022


Excerpt: “As peer-to-peer payments services become increasingly popular, fraudsters are following the money here, especially to fast-rising Zelle. Hence, experts claim that stronger authentication, by way of behavioral biometrics, is needed to curb potential losses. Launched five years ago, Zelle is a P2P payment platform developed and owned Early Warning Services LLC, by a group of seven major U.S. banks, including Bank of America, JPMorgan Chase, Capital One, U.S. Bank and Wells Fargo.”

Title: Clipminer Malware Gang Stole $1.7M by Hijacking Crypto Payments
Date Published: June 2, 2022


Excerpt: “Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking. According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware. Both trojans focus on stealing wallets, hijacking transactions, and mining cryptocurrency on infected machines.”

Title: Autonomous Vehicles can be Tricked into Erratic Driving Behavior
Date Published: June 2, 2022


Excerpt: “When a driverless car is in motion, one faulty decision by its collision-avoidance system can lead to disaster, but researchers at the University of California, Irvine have identified another possible risk: Autonomous vehicles can be tricked into an abrupt halt or other undesired driving behavior by the placement of an ordinary object on the side of the road.”

Title: ExpressVPN Removes Servers in India After Refusing to Comply with Government Order
Date Published: June 2, 2022


Excerpt: “Virtual Private Network (VPN) provider ExpressVPN on Thursday announced that it’s removing Indian-based VPN servers in response to a new cybersecurity directive issued by the Indian Computer Emergency Response Team (CERT-In). “Rest assured, our users will still be able to connect to VPN servers that will give them Indian IP addresses and allow them to access the internet as if they were located in India,” the company said. “These ‘virtual’ India servers will instead be physically located in Singapore and the U.K.””

Recent Posts

June 10, 2022

Title: Bizarre Ransomware Sells Decryptor on Roblox Game Pass Store Date Published: June 9, 2022 https://www.bleepingcomputer.com/news/security/bizarre-ransomware-sells-decryptor-on-roblox-game-pass-store/ Excerpt: “A new ransomware is taking the unusual approach of...

June 9, 2022

Title: New Symbiote Malware Infects all Running Processes on Linux Systems Date Published: June 9, 2022 https://www.bleepingcomputer.com/news/security/new-symbiote-malware-infects-all-running-processes-on-linux-systems/ Excerpt: “A newly discovered Linux malware known...

June 8, 2022

Title: Surfshark, ExpressVPN pull out of India Over Data Retention Laws Date Published: June 7, 2022 https://www.bleepingcomputer.com/news/legal/surfshark-expressvpn-pull-out-of-india-over-data-retention-laws/ Excerpt: “Surfshark announced today they are shutting down...

June 6, 2022

Title: Italian City of Palermo Shuts Down all Systems to Fend off Cyberattack Date Published: June 6, 2022 https://www.bleepingcomputer.com/news/security/italian-city-of-palermo-shuts-down-all-systems-to-fend-off-cyberattack/ Excerpt: “The municipality of Palermo in...

June 3, 2022

Title: Critical Atlassian Confluence Zero-Day Actively Used in Attack Date Published: June 2, 2022 https://www.bleepingcomputer.com/news/security/critical-atlassian-confluence-zero-day-actively-used-in-attacks/ Excerpt: “Hackers are actively exploiting a new Atlassian...

June 1, 2022

Title: Ransomware Attacks Need Less Than Four Days to Encrypt Systems Date Published: June 1, 2022 https://www.bleepingcomputer.com/news/security/ransomware-attacks-need-less-than-four-days-to-encrypt-systems/ Excerpt: “The duration of ransomware attacks in 2021...

May 31, 2022

Title: Microsoft Shares Mitigation for Office Zero-Day Exploited in Attacks DatePublished: May 31, 2022 https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-mitigation-for-office-zero-day-exploited-in-attacks/ Excerpt: “Microsoft has shared mitigation...