Hello all,
Welcome to the penultimate edition of the Red-N Weekly Cyber Security News for 2023. While not an extreme week, there have been a few large newsworthy items along with the usual morass of evil people doing nefarious things.
The volume of news and other items can appear overwhelming. The best strategy is to read the Notable Callouts below, then skim the full list of linked news item titles that follow for things that pertain to you or your environment or simply interest you, and then select them for more information. So, let’s get to it. And don’t forget, our site, https://red-n-security.com, also has searchable archives of past newsletters.
Notable Callouts:
- Apple leads the news with security updates for most of their products. A large number of items were addressed, so check and update your iFruit if you have it.
  Apple Watch sales were stopped in the US due to them losing a patent infringement suit. It couldn’t have come at a worse time as it will cost Apple an estimated $300-$400 million in holiday sales.
- ALPHV aka Blackcat ransomware group had large chunks of their infrastructure infiltrated and subsequently seized by the FBI. One immediate positive result was that at least 300 decryptors were made available by authorities to victims of the dirtbag alpha-cats. Undaunted, the malevolent, evil, subhuman criminals reappeared on the dark web within a few days and upped the ante by declaring that they would now attack critical infrastructure, including “nuclear reactors”. I’m not sure if the scum realize that they just publicly declared that they are terrorists. And as such they’ve painted a much larger target on themselves.
- Google patched the 8th critical vulnerability for 2023 in Google Chrome. This one is in the WebRTC framework which is used by many other browsers, prompting them to update this past week as well. Check for updates in your browsers to patch this buffer overflow issue.
- First American Financial, one of the nation’s largest title insurance and settlement services for real estate companies and mortgage providers, has shut down nearly all internet-facing connections due to a “cybersecurity incident”. If you were expecting to close on real estate this holiday season, you may experience delays due to increased activity at other firms needing to handle the offload from First American.
- SEC: The Securities and Exchange Commission’s new reporting rules for Cyber Events are now in effect. Publicly traded companies must report cybersecurity incidents to the SEC on a Form 8-K within four business days.
- QNAP announced on Dec 7 that the VioStor NVR (Network Video Recorder), which has flaws currently being exploited, was patched in version 5.x of QNAP’s software, which has been out for nearly a decade. Patch your stuff, people!
In Ransomware, Malware, and Vulnerabilities News:
- 10 Essential Insights from the Microsoft Digital Defense Report makes for excellent reading. The number one finding is that 99% of attacks are preventable with basic security hygiene such as MFA, and timely updates to software and firmware.
- Xfinity had a data breach that affected 36 million people. That’s more than the population of a good number of US states – Wow!
In Other News Events of Note and Interest:
- Microsoft is now hosting Oracle in Azure. The sheer volume of datacenter capacity being engineered for this effort has made Microsoft Oracle’s largest customer. I think hades just got a lot chillier.
In Cyber Insurance News:
- NordVPN now offers cyber insurance. Yep, the VPN service is bundling insurance with their proxy services. It seems to be a good deal from what I have been able to deduce.
Robert Cioffi, co-founder and CTO of Progressive Computing in New York was a victim of the Kaseya VSA REvil attack on July 2, 2021 that encrypted hundreds, if not thousands, of service providers and their clients’ devices. He is a great communicator and the story is well worth reading. However, I bring him up for a different reason. He has gifted us with a cyber take on a holiday classic. Here is a link to his, “It was the week before Christmas”. Enjoy!
May your tech toys all work, and come with batteries included. Merry Christmas to you and yours if you celebrate this blessed holiday. To the rest, may this be a calm week for you.
Viscount Zebulon Wamboldt Pike
Red-N Weekly Cyber Security News
Headline NEWS
- Apple Releases Security Updates for Multiple Products
- Apple halts US sales of Watch before Christmas after losing patent case
- Authorities claim seizure of notorious ALPHV ransomware gang’s dark web leak site
- FBI disrupts Blackcat ransomware operation, creates decryption tool
- Google fixes 8th Chrome zero-day exploited in attacks this year
- First American becomes latest real estate industry giant hit with cyberattack
- SEC’s new data breach disclosure rules take effect, here’s what you need to know
- QNAP VioStor NVR vulnerability actively exploited by malware botnet
Ransomware, Malware, and Vulnerabilities News
- 10 essential insights from the Microsoft Digital Defense Report 2023
- NSA Publishes 2023 Cybersecurity Year in Review
- Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices
- Officials: U.S. water utilities hacked after leaving passwords set to 1111
- Mozilla Releases Security Updates for Firefox and Thunderbird
- SSH vulnerability exploitable in Terrapin attacks
- Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits
- Attackers Exploit 6-Year-Old Microsoft Office Bug to Spread Spyware
- The password attacks of 2023: Lessons learned and next steps
- MongoDB says customer data was exposed in a cyberattack
- Ivanti releases patches for 13 critical Avalanche RCE flaws
- FBI: Play ransomware breached 300 victims, including critical orgs
- Ransomware gang ‘unseizes’ its site and issues new threats after FBI takedown
- BidenCash darkweb market gives 1.9 million credit cards for free
- New MetaStealer malvertising campaigns
- 86% of cyberattacks are delivered over encrypted channels
- Mint Mobile discloses new data breach exposing customer data
- Crypto drainer steals $59 million from 63k people in Twitter ad push
- QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry
- Years-Old, Unpatched Google Web Toolkit Vuln Leaves Apps Open to Server-Side RCE
- Behind the Scenes of Matveev’s Ransomware Empire: Tactics and Team
- Behind the Scenes: JaskaGO’s Coordinated Strike on macOS and Windows
- Rhadamanthys Stealer malware evolves with more powerful features
- Cybercrooks book a stay in hotel email inboxes to trick staff into spilling credentials
- Ransomware Attackers Abuse Multiple Windows CLFS Driver Zero-Days
- Ransomware gangs are increasingly turning to remote encryption, and that’s a huge problem
- The ransomware attack on Westpole is disrupting digital services for Italian public administration
- ESET fixed a high-severity bug in the Secure Traffic Scanning Feature of several products
- Louis feds say Slovakian man ran dark web market for drugs, malware, stolen IDs
- German Authorities Dismantle Dark Web Hub ‘Kingdom Market’ in Global Operation
- Ransomware cyber attack hits Vermont’s Milton Town School District
- LockBit Ransomware Cyberattack Claims 3 New Victims
- Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware
- Microsoft discovers critical RCE flaw in Perforce Helix Core Server
- Microsoft: Hackers target defense firms with new FalseFont malware
- Top WordPress hosting company (Kinsta) hit by phishing ads attack
- Flaws in pfSense firewall can lead to arbitrary code execution
- Ubisoft says it’s investigating reports of a new security breach
- Europol warns 443 online shops infected with credit card stealers
- Android malware Chameleon disables Fingerprint Unlock to steal PINs
- An interesting map of attacks on schools – The K12 Cyber Incident Map — K12 SIX
- 8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
- SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols
- Artificial intelligence can find your location, alarming privacy experts
- OpenAI rolls out imperfect fix for ChatGPT data leak flaw
- Mortgage giant Mr. Cooper data breach affects 14.7 million people
- Xfinity discloses a data breach — but doesn’t say how many users are affected
- Comcast says hackers stole data of close to 36 million Xfinity customers
- Fake F5 BIG-IP zero-day warning emails push data wipers
- VF Corp. says cybersecurity breach may impact its business
- Looks like more people are using passkeys than expected
- Hackers Abuse Bot Protection Tool to Launch Cyber Attacks
- Teenage ‘GTA VI’ Hacker Sentenced to Life in Hospital Prison
Other News Events of Note and Interest
- OpenAI releases prompt guide for better ChatGPT and LLM performance
- Star Trek-inspired Holodeck AI model can create a 3D world from text
- In a Striking Discovery, AI Shows Human-Like Memory Formation
- NIST releases 2 draft guides to prepare for post-quantum migration
- Beeper says it’s done playing cat and mouse with Apple over its iMessage for Android app
- Amazon Drive Shuts Down on December 31st
- Adobe abandons $20 billion acquisition of Figma
- Mozilla decides Trusted Types is a worthy security feature
- Google Home Mini update bricks devices for some users
- Microsoft fixes Windows printer issues with new troubleshooter
- Microsoft is discontinuing Windows Mixed Reality
- Microsoft Edge 121 finally brings AVIF support
- Broadcom Drops A Hammer on VMware Customers After Acquisition
- How To Disable Microsoft Defender (And When You Might Want To)
- Inside the all-new Edge DevTools user interface – Microsoft Edge Blog
- Students take note: Windows 11 update reportedly has a bug that’s taking down Wi-Fi at universities
- Synology to Sunset DSM 6.2 Operating System: What Users Should Know
- Larry Ellison’s Masterpiece: Microsoft Becomes Oracle’s Largest Customer
- An interesting tool that shows promise – HiJackThis+ 3.3.0.9 Alpha