December 3, 2022

Hello all,

The Red-N Weekly Security newsletter is below the callouts below.

Notable callouts this week include:

• Rackspace has apparently suffered a massive system failure. Unconfirmed reports are that it is due to a ransomware attack. Their hosted Exchange infrastructure has been down for days with no end in sight.
• ConnectWise patched a flaw in their ScreenConnect product
• LastPass and GoTo suffered a breach. They say customer data is secure due to encryption.
• In a move that could expand elsewhere, Australia has dramatically increased fines for data breaches.
• Nvidia patched 29 GPU driver bugs
• And finally, Google. They patched Chrome again late last week for the ninth critical zero-day vulnerability of 2022.

Also in this week’s issue are several links about cyber insurance.

Remember, the second rat gets the cheese. In security, you cannot rest on your laurels. If you catch one, others are already vying for the “cheese”. Stay vigilant.

Visc. Zebullon Wamboldt Pike

Headline NEWS

• Rackspace rocked by ‘security incident’ that has taken out some hosted Exchange services
• ConnectWise Quietly Patches Flaw That Helps Phishers
• Lastpass says hackers accessed customer data in new breach
• GoTo says hackers breached its dev environment, cloud storage
• Yandex plans to break up with its Russian motherland
• Sony and Lexar’s encryption provider leaked sensitive data for over a year
• Killnet Gloats About DDoS Attacks Downing Starlink, White House
• Australia will now fine firms up to AU$50 million for data breaches
• Eufy cameras have a big security problem
• Exchange Online and Microsoft Teams go down for over nine hours across Asia
• Nvidia patches 29 GPU driver bugs that could lead to code execution, device takeover
• Google Chrome emergency update fixes 9th zero-day of the year

Other News Events of Note and Interest

• CISA’s Strategic Plan Is Ushering in a New Cybersecurity Era
• CISA issued an alert about the Cuba Ransomware group
• IIROC-registered Canadian crypto exchange Coinsquare suffers data breach
• Microsoft Defender boosts default protection for all enterprise users
• Voice-scamming site “iSpoof” seized, 100s arrested in massive crackdown
• All You Need to Know About Emotet in 2022
• Emotet Strikes Again – LNK File Leads to Domain Wide Ransomware
• Vice Society ransomware claims attack on Cincinnati State college
• The Internet Archive just put 565 Palm Pilot apps in your web browser
• Ransomware gang targets Belgian municipality, hits police instead
• Data Exfiltration: Why Ransomware is About More Than the Ransom
• How to avoid Facebook Marketplace scams
• Gangs of cybercriminals are expanding across Africa, investigators say
• Ransomware gangs shift tactics, making crimes harder to track
• Meta hit with ~$275M GDPR penalty for Facebook data-scraping breach
• Financial services increasingly targeted for API-based cyberattacks
• JPMorgan, other banks in talks to reimburse scammed Zelle customers
• Seven free cybersecurity resources you need to bookmark
• Cyber-Threat Group Targets Critical RCE Vulnerability in ‘Bleed You’ Campaign
• Philippine Public warned of suspicious email link attachments amid ‘formidable’ ransomware group
• IKEA posted on ransomware gang’s leak site
• Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access
• AWS releases Wickr, its encrypted messaging service for enterprises
• Rufus 3.21 with improved Windows local account support, NTFS, exFAT, now available for all
• Epson zaps lasers into oblivion, in the name of the environment
• Dropbox acquires Boxcryptor assets to bring zero-knowledge encryption to file storage
• Trigona ransomware spotted in increasing attacks worldwide
• Hackers Exploit TikTok ‘Invisible Body’ Challenge to Steal User Passwords, Credit Cards
• FBI warns of rise in costly technical support scams
• MD5 considered harmful – to the tune of $600,000
• CyRC Vulnerability Advisory: Remote code execution vulnerabilities in mouse and keyboard apps
• New details on commercial spyware vendor Variston
• Akami Researchers Accidentally Crashed a Botnet
• CashRewindo: How to age domains for an investment scam like fine scotch
• The Evolution of Business Email Compromise
• Microsoft offers fix for Windows 11 gaming performance issues

Cyber Insurance News

• Should you have cyber insurance?
• Is it worth taking out personal cyber insurance in case you are caught up in a data hack?
• Amid Surge in Ransomware Attacks, More Organizations Are Being Rejected for Cyber Insurance
• ‘Data is the new coal’: Cyber insurance costs climb as hackers run riot

For a PDF version of this week’s report, click here