Hello all,
The Red-N Weekly Cyber Security News newsletter is below the Notable Callouts as usual. This week’s list of shame and fame is sponsored by Microsoft Patch Tuesday. But first, we start with Cisco and an expired certificate.
Notable Callouts:
- Cisco let a certificate expire in some SD-WAN edge routers, which could result in the devices becoming unbootable. They are pushing a new certificate and patches.
- Discord let it be known that they had a data breach by sending emails out to the affected victims.
- The FTC, for some reason, feels it is necessary to warn consumers that phishing is still a thing. So, for those of you who are new to email, please read their alert.
- Microsoft unleashed a smaller set of updates this past Patch Tuesday than usual. There were 3 zero-days, and 38 vulnerabilities or fixes addressed. One major patch is for UEFI BIOS to resolve ransomware embedding itself at the boot stage.
- Netgear RAX30 routers were pwn’d recently by chaining 5 different vulnerabilities. Patches exist, so apply them if you use this equipment.
- Rockwell Automation has been shown to have over a dozen vulnerabilities in their industrial products.
- Ruckus Wireless has a Remote Code Execution flaw, patch now.
- SAP completes the Patch-Tuesday week items with several critical vulnerabilities patched.
- In Ransomware, Malware, and Vulnerabilities News, research shows that ransomware payments have nearly doubled in one year, and Google is making Dark-Web monitoring available to all users.
- In Other News Events of Note and Interest, Backblaze has reported (along with others) that most hard drives die within 3 years. The race for overlord of humanity continues to push ahead, with Google unleashing their AI on the general public to compete with Microsoft.
- In Cyber Insurance News, Cowbell reports that 90% of small businesses underestimate (by a large margin) how much a cyber-incident will cost them. And, “sharp price increases” are predicted to come.
One late breaking item. Citrix has released patches for vulnerabilities that have been discovered in Citrix ADC and Citrix Gateway.
With AI rapidly invading every area of our lives, how long will it be before AI breaches the cyber-divide and creates a human-spread virus?
Viscount Zebulon Wamboldt Pike
Red-N Weekly Cyber Security News
Headline NEWS
- Don’t turn it off and on again: Expired Cisco cert cripples vEdge SD-WAN kit
- Discord discloses data breach after support agent got hacked
- FTC issues warning over urgent emails from PayPal — it’s a phishing scam
- Microsoft May 2023 Patch Tuesday fixes 3 zero-days, 38 flaws
- May 2023 Patch Tuesday: Updates and Analysis
- Zero Day Initiative — The May 2023 Security Update Review
- Microsoft Patch Tuesday Arrives, Brings One New Windows 11 Feature
- Chaining Five Vulnerabilities to Exploit Netgear Nighthawk RAX30 Routers at Pwn2Own Toronto 2022
- Organizations Informed of Over a Dozen Vulnerabilities in Rockwell Automation Products
- AndoryuBot – New Botnet Campaign Targets Ruckus Wireless Admin Remote Code Execution Vulnerability
- SAP Patches Critical Vulnerabilities With May 2023 Security Updates
Ransomware, Malware, and Vulnerabilities News
- Ransomware payments nearly double in one year
- New ransomware decryptor recovers data from partially encrypted files
- Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers
- Consumer Financial Protection Bureau experiences data breach affecting consumers, financial institutions
- Listen how AI can clone your voice, use it in phishing scams
- Google brings dark web monitoring to all U.S. Gmail users
- New ‘Greatness’ service simplifies Microsoft 365 phishing attacks
- MSI confirms cyberattack, warns against unofficial firmware
- Intel investigating leak of Intel Boot Guard private keys after MSI breach
- NextGen Healthcare says hackers accessed personal data of more than 1 million patients
- ‘Empire of hackers’: China accuses CIA of orchestrating cyberattacks using advanced tech
- Millions of telecom employees’ passwords leaked on dark web, report finds
- Microsoft: Iranian hacking groups join Papercut attack spree
- Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability
- Richmond University Medical Center suffers ransomware attack; unclear if patient info compromised
- CheckMate ransomware targets popular file-sharing protocol -SMB
- Capita Says Ransomware Attack Will Cost It Up to $25 Million
- FBI seizes 13 more domains linked to DDoS-for-hire services
- Dish Network Says Press “Exaggerated” Severity Of February Cyberattack
- Researchers Uncover SideWinder’s Latest Server-Based Polymorphism Technique
- Government, Industry Efforts to Thwart Ransomware Slowly Start to Pay Off
- Royal Ransomware Expands to Target Linux, VMware ESXi
- Multinational tech firm ABB hit by Black Basta ransomware attack
- Brightly warns of SchoolDude data breach exposing credentials
- Microsoft issues optional fix for Secure Boot zero-day used by malware
- Food distribution giant Sysco warns of data breach after cyberattack
- Npm Packages Vulnerable to Old-School Weapon: the ‘Shift’ Key
- New Linux kernel NetFilter flaw gives attackers root privileges
- Unpatched MS Exchange servers remain vulnerable to RCE bugs
- FBI-led Op Medusa slays NATO-bothering Russian military malware network
- Scammers use AI to enhance their family emergency schemes
- Ransomware Attacks Adapt With New Techniques: Kaspersky Report
- RapperBot DDoS Botnet Expands into Cryptojacking
- Millions of mobile phones come pre-infected with malware, say researchers
- Atomic malware steals Mac passwords, crypto wallets, and more
- ESET APT Activity Report Q4 2022–Q1 2023
- Hacker committed ransomware attack on Gaston College
- Fake in-browser Windows updates push Aurora info-stealer malware
- Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt
- WordPress Elementor plugin bug let attackers hijack accounts on 1M sites
- The Race to Patch: Attackers Leverage Sample Exploit Code in WordPress Plugin
- Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
- Ex-Ubiquiti engineer behind “breathtaking” data theft gets 6-year prison term
- Australian software giant TechnologyOne won’t say if customers affected by hack
- New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows
- XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks
Other News Events of Note and Interest
- Back it up: Most dead hard drives fail within 3 years
- Google’s answer to ChatGPT is now open to everyone in US, packing new features
- MIT data on ChatGPT show ‘Industrial Revolution-level’ leap for worker
- MIT scientists find something alarming about artificial intelligence
- Greek Scientists Create Fastest Ever AI Processor Harnessing Light
- IBM Delivers Roadmap for Transition to Quantum-safe Cryptography
- Head of NSA, Cyber Command expected to resign
- Siemens, SAP say EU draft Data Act puts trade secrets at risk
- GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
- Microsoft’s AI-powered Copilot gains new features as preview expands
- Proton Drive Review: Pros & Cons, Features, Ratings, Pricing and more
- Why Honeytokens Are the Future of Intrusion Detection
- Relive Your Childhood Games With This Free CD-ROM Archive
- How Long Do USB Thumb Drives Hold Data?
- Google’s new Home app is now rolling out to everyone
- WordStar Reborn
- Microsoft Lists Gets Update with Performance Improvements
- OpenAI’s ChatGPT Powered by Human Contractors Paid $15 Per Hour
- EU sends Apple stark warning over USB-C charging on new iPhones
- AI: ‘The transformation of search is definitely underway,’ Microsoft VP says
- Windows Subsystem for Android gets big update with RAM reallocation, antivirus support, more
- Microsoft begins pushing number matching MFA on Authenticator
- Mozilla Firefox 113 Is Now Available for Download, Here’s What’s New
- Firefox 113.0.1 fixes a desktop window manager (DWM) bug on Windows 11, incorrect colors
- India bans open source messaging apps for security reasons. FOSS community says good luck
- Microsoft Teams Introduces Beautiful New Backgrounds for Enhanced Virtual Experience
- CISOs Worried About Personal Liability For Breaches
- IBM intros a slew of new AI services, including generative models
- Microsoft to Throttle Traffic from Legacy Exchange Servers
- AV-TEST: Microsoft Defender is a serious system hog vs Avast/AVG, Kaspersky, Malwarebytes
Cyber Insurance News
- The Merck appeal: cyber insurance and the definition of war
- US Cyber Insurance Sharp Price increases, Profit Improvement to Moderate
- Did Oakland have right cyber insurance before ransomware hack?
- 90% of Small Business Leaders Underestimate Cyber Incident Costs – Cowbell report
- Ransomware insurance claims jump back up