Hello all,
The Red-N Weekly Cyber Security News newsletter is below the Notable Callouts as usual and can be found online as well at https://red-n-security.com.
Notable Callouts:
- Apple starts us out with emergency patches for actively exploited zero days. Patch now, I’ll wait.
- ASUS has released patches for quite a few of their routers. Botnets love these unpatched routers, so please patch yours.
- Fortinet fixed several items, including an RCE.
- Microsoft’s recent DDoS attack was likely not from Africa, but was perpetrated by a Russian-backed group.
- MOVEit continues to make news with new compromised companies being revealed daily. The US Government is offering up to $10 million in reward for information leading to the capture of the attackers.
- Pinellas County, FL, near and dear to many readers of this newsletter, failed to redact Social Security numbers on citations posted online for all the world to see.
- Schneider Power Meters have a vulnerability that opens locations to a post-apocalyptic blackout, well, at least power outages.
- VMware has had a busy couple of weeks with vRealize (aka Aria) now under active exploitation, and this week a new vCenter Server bug allowing all sorts of things it shouldn’t.
- Zyxel finishes the headlines with critical flaws in their NAS devices. They make NAS devices? If you have them, patch them immediately.
- In Ransomware, Malware, and Vulnerabilities News, Sophos has put out a multi-part series titled “The Ransomware Documentary”. Also, Chinese hackers are exploiting a zero-day in ESXi that VMware fixed last week. Finally, SpaceX and NASA have successfully placed a satellite in orbit that will be live-hacked by 8 teams at DefCon 31 in Las Vegas.
- In Other News Events of Note and Interest, WD NAS drives flash failure warnings and cripple NAS devices when nothing is wrong. One more item: proposed SEC rules have companies scrambling to figure out how they will be able to comply with the Cyber Expert requirements being proffered.
- In Cyber Insurance News, some advice on how to use Cyber Insurance requirements as selling opportunities to better secure businesses that are supported by MSPs.
I ran across a quote written by Sir Francis Bacon in Meditationes Sacrae (1597).
“Scientia ipsa potentia est” = “Knowledge itself is power”
May the knowledge you gain from the links below empower you to better understand, enjoy, and secure your world.
Viscount Zebulon Wamboldt Pike
Red-N Weekly Cyber Security News
Headline NEWS
- Apple fixes zero-days used to deploy Triangulation spyware via iMessage
- Apple patches two actively exploited security flaws with iOS 16.5.1 and more
- ASUS urges customers to patch critical router vulnerabilities
- Fortinet fixes critical FortiNAC remote command execution flaw
- Hackers behind Microsoft outage most likely Russian-backed group aiming to ‘drive division’ in the west
- US Offers $10m Reward For MOVEit Attackers
- Pinellas County, FL fails to redact Social Security numbers on online citations
- Schneider Power Meter Vulnerability Opens Door to Power Outages
- VMware warns of critical vRealize flaw exploited in attacks
- VMware fixes vCenter Server bugs allowing code execution, auth bypass
- Zyxel warns of critical command injection flaw in NAS devices
Ransomware, Malware, and Vulnerabilities News
- “The Ransomware Documentary” – brand new video series from Sophos starting now
- BlackCat claims they hacked Reddit and will leak the data
- New ‘RDStealer’ Malware Targets RDP Connections
- New Mystic Stealer malware increasingly used in attacks
- How generative AI is creating new classes of security threats
- Iowa’s largest school district confirms ransomware attack, data theft
- NSA shares tips on blocking BlackLotus UEFI malware attacks – PDF
- Dissecting TriangleDB, a Triangulation spyware implant
- Chinese hackers used VMware ESXi zero-day to backdoor VMs
- RedEyes Group Wiretapping Individuals (APT37)
- Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices
- Microsoft fixes Azure AD auth flaw enabling account takeover
- Microsoft Teams Vulnerability: The GIFShell Attack
- Microsoft Teams bug allows malware delivery from external accounts
- Turn off your iPhone for five minutes – cybersecurity advice
- ‘Sign in to continue’ and suffer: Attackers abusing legitimate services for credential theft
- Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces
- New Condi malware builds DDoS botnet out of TP-Link AX21 routers
- Hackers Use Weaponized PDF Files to Attack Organizations
- J.B. Hunt sues tech company for cybersecurity vulnerability
- IT security weaknesses ‘expose Switzerland to hacker attacks’
- Experts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealer
- Fresh Ransomware Gangs Emerge as Market Leaders Decline
- Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws
- New Tsunami botnet targets Linux SSH servers
- Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps
- Hawaii community college targeted in ransomware attack
- Russian APT Group Caught Hacking Roundcube Email Servers
- Ransomware attacks becoming more frequent | Food Business News
- New DoJ Cyber Prosecution Team Will Go After Nation-State Threat Actors
- Exploit released for Cisco AnyConnect bug giving SYSTEM privileges
- Avast, Norton Parent Latest Victim of MOVEit Ransomware Attacks
- New BreachForums site hacked by rivals
- Feds seize notorious and shuttered hacking site BreachForums
- Critical ‘nOAuth’ Flaw in Microsoft Azure AD Enabled Complete Account Takeover
- Emerging Ransomware Group 8Base Doxxes SMBs Globally
- iOttie discloses data breach after site hacked to steal credit cards
- Alert: Million of GitHub Repositories Likely Vulnerable to RepoJacking Attack
- Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites
- Beyond the Horizon: Traveling the World on Camaro Dragon’s USB Flash Drives
- Now BlackCat extortionists threaten to leak stolen plastic surgery pics
- Manchester University Breach Victims Hit with Triple Extortion
- New York City Department of Education impacted by online security breach
- Ransomware Misconceptions Abound, to the Benefit of Attackers
- US ‘can’t PSA our way out’ of cyber vulnerability, CISA director says
- Eight Teams of Hackers Will Compete to Breach U.S. Satellite in Space
Other News Events of Note and Interest
- WD NAS drives flash warnings after 3 years even if they’re fine
- Malwarebytes issues fix for Chrome broken by Windows 11 KB5027231
- Fulfilling Expected SEC Requirements for Cybersecurity Expertise at Board Level
- Lawyers who cited fake cases invented by ChatGPT must pay
- Intel Graphics 31.0.101.4502 WHQL driver includes fixes for iTunes and WebView2
- 5 tips for business leaders to leverage the real potential of generative AI
- Microsoft Azure OpenAI lets enterprises feed corporate secrets to ChatGPT
- Microsoft Acknowledges High CPU Utilization Bug in Windows 11 File Explorer
- Windows 11 change proves so unpopular that Microsoft reverses course
- Microsoft has kept its secret Emergency Restart option in Windows 11 too
- LastPass users furious after being locked out due to MFA resets
- Space Force extends Palantir’s data-as-a-service contracts
- Google announces $20 million investment for cyber clinics
- WingetUI 2.0.0 out of beta, final version released
- Ultimate Windows Tweaker 5.1
- Cloudflare’s global network grows to 300 cities and ever closer to end users
- With one June Patch Tuesday update, Microsoft falls short
- Microsoft announces it will soon update its Exchange Online SMTP relay requirements
- Microsoft shares workaround for Outlook freezes, slow starts
- How to Get Free Cybersecurity Assistance from the NSA
- Why is it so rare to hear about Western cyber-attacks? – BBC News
- Cloud security leader Zscaler bets on generative AI as future of zero trust
- Microsoft quietly updated Windows 11 supported CPU list with many new Intel, AMD chips
- Microsoft Teams Animated Background now Available
- Migrating GPOs to MDM with Intune’s Group Policy Analytics