June 2, 2022

Fortify Security Team

Title: Conti Ransomware Targeted Intel Firmware for Stealthy Attacks
Date Published: June 2, 2022

https://www.bleepingcomputer.com/news/security/conti-ransomware-targeted-intel-firmware-for-stealthy-attacks/

Excerpt: “Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks. According to messages exchanged between members of the cybercrime syndicate, Conti developers had created proof-of-concept (PoC) code that leveraged Intel’s Management Engine (ME) to overwrite flash and gain SMM (System Management Mode) execution.”

Title: A Critical RCE Flaw in Horde Webmail has yet to be Addressed
Date Published: June 2, 2022

https://securityaffairs.co/wordpress/131870/hacking/rce-flaw-horde-webmail.html

Excerpt: “Researchers from SonarSource discovered a remote code execution vulnerability (CVE-2022-30287) in the open-source Horde Webmail client. Horde Webmail allows users to manage contacts, the flaw could be exploited by an authenticated user of a Horde instance to take over an email server by sending a specially crafted email to a victim.”

Title: Microsoft Office Apps are Vulnerable to IDN Homograph Attacks
Date Published: June 2, 2022

https://www.helpnetsecurity.com/2022/06/02/microsoft-office-homograph-attacks/

Excerpt: “Microsoft Office apps – including Outlook and Teams – are vulnerable to homograph attacks based on internationalized domain names (IDNs). In practice, this means that users hovering above a link in a phishing email, a Word or Excel document they have received, or a message sent via Teams, can’t tell that it will direct them to a spoofed malicious domain that’s not what it purports to be.”

Title: Scammers Target NFT Discord Channel
Date Published: June 2, 2022

https://threatpost.com/scammers-target-nft-discord-channel/179827/

Excerpt: “Discord, a public chat application designed for gamers, has grown popular among crypto owners all over the world. Attackers are targeting the Discord servers of several popular nonfungible token (NFT) projects. Josh Fraser, founder of Origin protocol, shared a thread on Twitter earlier this month, revealing the issue and warning the user about the integrity of the Discord private channels. Fraser added that the issue was quickly closed as a “duplicate issue” when responsibly disclosed to the team of Discord.”

Title: Russian Forces Disable South Ukraine Communications – Again
Date Published: June 1, 2022

https://www.bankinfosecurity.com/russian-forces-disable-south-ukraine-communications-again-a-19178

Excerpt: ““All communications” in the southern Ukrainian city of Kherson has been hit, the State Service of Special Communications and Information Protection of Ukraine said in an alert on Tuesday, as communication solutions providers – internet, landline and mobile phone – have detected disruptions and subsequent shutdowns of their services.”

Title: Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones
Date Published: June 2, 2022

https://thehackernews.com/2022/06/critical-unisoc-chip-vulnerability.html

Excerpt: “A critical security flaw has been uncovered in UNISOC’s smartphone chipset that could be potentially weaponized to disrupt a smartphone’s radio communications through a malformed packet. “Left unpatched, a hacker or a military unit can leverage such a vulnerability to neutralize communications in a specific location,” Israeli cybersecurity company Check Point said in a report shared with The Hacker News. “The vulnerability is in the modem firmware, not in the Android OS itself.””

Title: Behavioral Biometrics Reduce Fraud Losses for Oft-Targeted Zelle Payments
Date Published: June 1, 2022

https://www.scmagazine.com/analysis/identity-and-access/behavioral-biometrics-reduce-fraud-losses-for-oft-targeted-zelle-payments

Excerpt: “As peer-to-peer payments services become increasingly popular, fraudsters are following the money here, especially to fast-rising Zelle. Hence, experts claim that stronger authentication, by way of behavioral biometrics, is needed to curb potential losses. Launched five years ago, Zelle is a P2P payment platform developed and owned Early Warning Services LLC, by a group of seven major U.S. banks, including Bank of America, JPMorgan Chase, Capital One, U.S. Bank and Wells Fargo.”

Title: Clipminer Malware Gang Stole $1.7M by Hijacking Crypto Payments
Date Published: June 2, 2022

https://www.bleepingcomputer.com/news/security/clipminer-malware-gang-stole-17m-by-hijacking-crypto-payments/

Excerpt: “Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking. According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware. Both trojans focus on stealing wallets, hijacking transactions, and mining cryptocurrency on infected machines.”

Title: Autonomous Vehicles can be Tricked into Erratic Driving Behavior
Date Published: June 2, 2022

https://www.helpnetsecurity.com/2022/06/02/autonomous-vehicles-can-be-tricked/

Excerpt: “When a driverless car is in motion, one faulty decision by its collision-avoidance system can lead to disaster, but researchers at the University of California, Irvine have identified another possible risk: Autonomous vehicles can be tricked into an abrupt halt or other undesired driving behavior by the placement of an ordinary object on the side of the road.”

Title: ExpressVPN Removes Servers in India After Refusing to Comply with Government Order
Date Published: June 2, 2022

https://thehackernews.com/2022/06/expressvpn-removes-servers-in-india.html

Excerpt: “Virtual Private Network (VPN) provider ExpressVPN on Thursday announced that it’s removing Indian-based VPN servers in response to a new cybersecurity directive issued by the Indian Computer Emergency Response Team (CERT-In). “Rest assured, our users will still be able to connect to VPN servers that will give them Indian IP addresses and allow them to access the internet as if they were located in India,” the company said. “These ‘virtual’ India servers will instead be physically located in Singapore and the U.K.””
