CyberSecure Specialist

26 Jun

Critical flaw in VMware Aria Operations for Networks sees mass exploitation

Data Breaches, Malware, Social Engineering

Researchers warn that a vulnerability patched this month in VMware Aria Operations for Networks, formerly known as vRealize Network Insight, is now seeing exploitation en masse. The flaw allows for remote code execution through command injection and is rated with critical severity. “New data from Akamai shows the scale of active scanning for sites vulnerable to CVE-2023-20887 is much greater than originally reported,” researchers from Akamai told CSO via email. “There have been 695,072 total…

Read More
26 Jun

Latest MOVEit exploit hits thousands of NYC school students and staff

Data Breaches, Malware, Social Engineering

Personal data of over 45,000 public school students was compromised in a breach involving the file-transfer software MOVEit, according to a community letter sent to families and staff by the New York City Department of Education. “DOE used MOVEit to transfer documents and data internally as well as to and from vendors, including third party special education service providers,” the letter said.   The breach is the latest expoit of a SQL injection vulnerability found…

Read More
26 Jun

American Airlines, Southwest Airlines Impacted by Data Breach at Third-Party Provider

Data Breaches, Information, News

American Airlines and Southwest Airlines have started informing thousands of pilots that their personal information was compromised in a data breach at Pilot Credentials. A portal managing pilot and cadet recruitment applications on behalf of various airlines, Pilot Credentials informed both companies on May 3 that it had suffered a cyberattack resulting in the compromise of files on its systems. The vendor was breached on or around April 30 and the attackers obtained files containing…

Read More
26 Jun

Pilot data of American Airlines and Southwest stolen in data breach

Data Breaches, Malware, Social Engineering

A cybersecurity incident at a third-party vendor has impacted the personal information of pilots of at least two US airlines, including American Airlines and Southwest Airlines.  Personal information, including name and social security number, driver’s license number, passport number, date of birth, Airman Certificate number, and other government-issued identification numbers were compromised, according to breach notifications from the airlines.  Breach at third-party vendor On May 3, both airlines were informed that their third-party vendor, pilotcredentials.com,…

Read More
26 Jun

Blizzard Entertainment hit by DDoS attack

Attacks, Data Breaches

Video game comoany, Blizzard Entertainment, has been the vicitm of a distributed-denial-of-service (DDoS) cyber attack. The DDoS attack was launched against the company on June 25, and caused a number of games that Blizzard hosts to go offline, including Diablo 4 and World of Warcraft. The disruption was noted by players across Blizzard’s titles, with some taking to Blizzard’s forums to post about the cyber attack. One user, who uses the screen name ‘Gibs’, made…

Read More
23 Jun

What to know about the MoveIT hack – Week in security with Tony Anscombe

Information

The US government has now announced a bounty of $10 million for intel linking the Cl0p ransomware gang to a foreign government The US government is now offering a $10 million reward for information linking the Cl0p ransomware gang or other threat actors targeting US critical infrastructure to a foreign government. This is after Cl0p (also known as Clop) exploited vulnerabilities in the MoveIT file transfer platform to steal data from and extort numerous organizations…

Read More
23 Jun

Aussie PM says, “Shut down your phone every 24 hours for 5 mins” – but that’s not enough on its own

Information, Malware

by Paul Ducklin The Australian Prime Minister, Anthony Albanese, has apparently advised people Down Under to turn off their mobile phones once a day, for the surprisingly precise period of five minutes, as a cybersecurity measure. UK newspaper The Guardian quotes the PM as saying: We all have a responsibility. Simple things, turn your phone off every night for five minutes. For people watching this, do that every 24 hours, do it while you’re brushing…

Read More
23 Jun

Public exploit is now available for Cisco AnyConnect VPN client

Data Breaches, Malware, Social Engineering

An easy-to-use exploit was publicly released this week for a patched vulnerability that affects the widely used Cisco AnyConnect Secure Mobility Client and Cisco Secure Client applications for Windows. Attackers could leverage the exploit to elevate their privileges on a victim’s system and take full control of it. Cisco Secure Client for Windows, previously known as Cisco AnyConnect Secure Mobility Client before version 5.0, is an application that integrates with multiple Cisco endpoint security and…

Read More
23 Jun

NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections

Information, News

The National Security Agency (NSA) has published technical mitigation guidance to help organizations harden systems against BlackLotus UEFI bootkit infections. The NSA’s recommendations provide a blueprint for defenders to protect systems from BlackLotus, a stealthy malware that emerged on underground forums in late 2022 with capabilities that include user access control (UAC) and secure boot bypass, unsigned driver loading, and prolonged persistence. To disable secure boot, the bootkit exploits a year-old vulnerability in Windows (CVE-2022-21894)…

Read More
23 Jun

In Other News: Microsoft Win32 App Isolation,Tsunami Hits Linux Servers, ChatGPT Credentials Exposed on Dark Web

Information, News

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Read More