Hello all,
The Red-N Weekly Cyber Security News newsletter is below the Notable Callouts as usual and can be found online as well at https://red-n-security.com. The biggest news item this week is a three-way tie between Barracuda, Microsoft, and MOVEit.
Notable Callouts:
- Barracuda thought they’d stemmed the tide last week with patches. This week brought two new devastating revelations. The first is that Clop might have been aware of and using the flaw since 2021. The second is an urgent announcement to replace all affected ESG appliances. This means the threat actors have embedded themselves so deep that Barracuda cannot be certain they can clean the devices.
- Cisco has released fixes for their VPN AnyConnect software to repair a flaw that allows Windows System privilege access.
- The Clop ransomware criminal gang is mass extorting hundreds of organizations worldwide as a result of compromising the MOVEit file transfer system.
- DefCon 31 is coming to Las Vegas, and SpaceX, along with NASA, is putting a satellite into orbit for the sole purpose of having it live-hacked at that conference to improve satellite security.
- Google has issued a patch for a new Chrome Zero-Day vulnerability. Patch now!
- Managed Service Providers are starting to get some recognition. Tech Republic put out a good article describing the Top 6 benefits of managed IT services.
- Microsoft has had a rough week. Many of their services have been down at times this past week, such as Azure AD, Outlook, OneDrive Live, and more. Threat group Anonymous Sudan is claiming responsibility via DDoS attacks.
- MOVEit, by Progress Software, is still being actively exploited, with thousands of devices showing via internet scans as still vulnerable. This week, with the help of cybersecurity group Huntress, yet another vulnerability was uncovered that has now had a patch released.
- NetApp has had five bugs identified by CERT-In. Patch now.
- VMware vRealize Network Insight (now Aria Operations for Networks) has patched several critical vulnerabilities.
- Zipper giant YKK (I couldn’t resist the letter Z reference) has confirmed that their US network was the victim of a cyberattack.
- In Ransomware, Malware, and Vulnerabilities News, a new report shows that vulnerabilities have increased by 25 percent over the same period last year.
- In Other News Events of Note and Interest, the CEO of ConnectWise has said that ‘cybersecurity has reached a tipping point’ where IT must come up with a better game plan to further mitigate risks. Naturally, the comments were followed by product integration announcements.
- In Cyber Insurance News, the interest in a federal backstop for cyberinsurers continues to grow.
A late-breaking news item is that Fortinet has fixed a critical RCE flaw in FortiGate SSL-VPN devices. Patch now.
Stay vigilant. It is better to cry wolf and be mistaken than to have your entire flock eaten.
Viscount Zebulon Wamboldt Pike
Red-N Weekly Cyber Security News
Headline NEWS
- Barracuda Urges Immediate Replacement of Hacked ESG Appliances
- Cisco fixes AnyConnect bug giving Windows SYSTEM privileges
- Clop Ransomware criminals issue extortion notice to ‘hundreds’ of victims
- First in space: SpaceX and NASA launch satellite that hackers will attempt to infiltrate during DEF CON
- Google Issues Patch for New Chrome Zero-Day Vulnerability – Update Now!
- Top 6 benefits of managed IT services
- Microsoft users unable to access Outlook, Teams in another M365 outage
- Microsoft OneDrive down worldwide following claims of DDoS attacks
- Microsoft’s Azure portal down following new claims of DDoS attacks
- New MOVEit Transfer critical flaws found after security audit, patch now
- NetApp Vulnerabilities: CERT-In Issues Alert On Five Bugs
- VMware fixes critical vulnerabilities in vRealize network analytics tool
- Zipper giant YKK confirms cyberattack targeted U.S. networks
Ransomware, Malware, and Vulnerabilities News
- New vulnerabilities increase by 25 percent
- Splunk Flaw Let Attackers Escalate Privilege
- Hackers hijack legitimate sites to host credit card stealer scripts
- Clop Ransomware Gang Likely Aware of MOVEit Transfer Vulnerability Since 2021
- Easily Exploitable Microsoft Visual Studio Bug Opens Developers to Takeover
- Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants
- A.I. is helping hackers make better phishing emails
- “Picture in Picture” Technique Exploited in New Deceptive Phishing Attack
- New zero-click attack method targets iPhones and iPads
- Experts Unveil PoC Exploit for Recent Windows Vulnerability Under Active Exploitation
- SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint
- Qbot malware adapts to live another day … and another …
- Microsoft Links MOVEit Attack to Cl0p as British Airways, BBC Fall
- Traditional malware increasingly takes advantage of ChatGPT for attacks
- Dozens of popular Minecraft mods found infected with Fracturiser malware
- KeePass fixed bug that allows extraction of cleartext master password
- Chinese ‘Volt Typhoon’ hack underlines shift in Beijing’s targets, skills
- Massive free VPN data breach exposes 360M Records
- British Airways Caught Up in Massive Payroll Data Breach After ‘Cybersecurity’ Incident Hits Supplier
- Federal cyber incidents reveal challenges of implementing US National Cybersecurity Strategy
- Since 2018, ransomware attacks on food, beverage, and agriculture cost world $1.36bn in downtime alone
- US offers $5M reward for Swedish fugitive who sold encrypted phones monitored by FBI
- US Aerospace Contractor Hacked With ‘PowerDrop’ Backdoor
- Information stealer compromises legitimate sites to attack other sites
- Swiss administration hit by cyber attack
- Ransomware attacks have room to grow, Verizon data breach report shows
- Killnet hacktivists say they’re disbanding
- The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period
- ChatGPT Hallucinations Open Developers to Supply Chain Malware Attacks
- Shadow IT is increasing and so are the associated security risks
- Lazarus hackers linked to the $35 million Atomic Wallet heist
- Winning the Mind Game: The Role of the Ransomware Negotiator
- Eisai hit with ransomware attack, launches investigation
- Robot Steals RAM Data by Freezing Chips in Chilling Cybersecurity Demo
- IoT Botnet DDoS Attacks Threaten Global Telecom Networks, Nokia
- Illinois struck by CL0P ransomware attacks
- Cybercrooks Scrape OpenAI API Keys to Pirate GPT
- 0mega ransomware gang changes tactics
- US cyber experts sent to Latin America on ‘hunt-forward’ mission
- After ‘Inception’ Attack, New Due Diligence Requirements Are Needed
Other News Events of Note and Interest
- ConnectWise CEO: ‘Cybersecurity Has Reached A Tipping Point’
- North Korea Makes 50% of Income from Cyber-Attacks: Report
- CISOs, IT lack confidence in executives’ cyber-defense knowledge
- Sam Altman, the man behind ChatGPT, is increasingly alarmed about what he unleashed
- OpenAI sued for defamation after ChatGPT fabricates legal accusations against radio host
- Nvidia released Windows hotfix driver 536.09 to fix display flickering for some users
- Cyberspace commission calls for updated relationship between feds, critical infrastructure
- Impostor Syndrome, You’re Probably More Interpersonally Effective and Likely to Enjoy Greater Success
- CISA and Partners Publish Guide For Remote Access Security
- WordPress Now Has An OpenAI Powered Content Generator
- Criminal Marketplace Disrupted in International Cyber Operation
- Windows 11 reportedly installs optional update without asking
- OpenAI chief Sam Altman says Israel will have ‘huge role’ to play in AI revolution
- CEO Pleads Guilty to Massive Scheme to Traffic in Counterfeit Cisco Networking Equipment
- Tip: Download the Updated Windows 11 Version 22H2 ISO
- Following new ISOs, Microsoft releases special Defender update for Windows 11 install images
- Install and configure Windows Server Backup in Windows Server 2022
- 20 cybersecurity projects on GitHub you should check out
- Bard updates: More accurate responses, export to Google Sheets
- Cloud repatriation and the death of cloud-only
- Delegate permissions for domain join
- Public DNS malware filters tested
- Brave Browser Picks Up Vertical Tabs
- Firefox 114 for Ubuntu Released with DNS over HTTPS Tweaks, FIDO2 Support
- Microsoft Teams Introduces New Zoom Controls for Meetings
- Microsoft making Edge more secure by default very soon on Windows, Mac, Linux, Arm
- A startup called Hugging Face is becoming the GitHub of AI
- How Farmers.gov really launched USDA’s next generation of cloud services
- Users accuse Intuit of ‘heavy-handed’ support changes on QuickBooks for Desktop