CyberSecurity Updates

Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework

All users of the Quarkus Java framework are strongly advised to update to versions 2.14.2.Final and 2.13.5.Final (LTS) as soon as possible to fix the vulnerability. This fix forces the Dev UI to check the Origin header of the request and only accept requests where the value is localhost. Since this header is set by the browser and is not modifiable by JavaScript run within the browser, exploitation of this vulnerability cannot be…

LastPass Says Hackers Accessed Customer Data in Most Recent Breach

LastPass reminded customers their master password should be extremely strong and unique, and should never be reused. Additionally, users should set up multi-factor authentication (MFA). MFA combines biometric and contextual factors to establish identity – something you know (a password), something you have (a mobile device), and something you are (a biometric). LastPass provided the following instructions to ensure customer accounts are set up properly and secured.

https://blog.lastpass.com/2022/01/how-to-set-up-your-new-lastpass-account/
https://www.bleepingcomputer.com/news/security/lastpass-says-hackers-accessed-customer-data-in-new-breach/

Southampton County Confirms Lockbit 3.0 Ransomware Attack

Free credit and identity monitoring has been offered to those impacted by the event; affected users are strongly encouraged to take advantage of these services. Throughout the investigation process, no evidence of misuse or redistribution of the information was found by Southampton County. However, this assertion of low impact was proven to be false after snippets of data were posted, demonstrating the uncertainty and risks that emerge in the aftermath of ransomware attacks.…

Wipers Are Widening: Here’s Why That Matters

In the first half of this year, researchers saw a rising trend of wiper malware being deployed in parallel with the Russia-Ukraine war. However, those wipers haven’t stayed in one place – they’re emerging globally, which underscores the fact that cybercrime knows no borders. It’s not just the numbers that are growing; we’re also seeing a rise in variety and sophistication. These wiper varieties are also increasingly targeting critical infrastructure.

Awash with wipers

The war…

#StopRansomware: Cuba Ransomware 

Original release date: December 1, 2022

Today, the Federal Bureau of Investigation (FBI) and CISA released a joint Cybersecurity Advisory (CSA) #StopRansomware: Cuba Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware. FBI investigations identified these TTPs and IOCs as recently as August 2022. This CSA updates the December 2021 FBI Flash: Indicators of Compromise Associated with Cuba Ransomware. Key updates include: FBI has identified a…

Researchers found security pitfalls in IBM’s cloud infrastructure

Security researchers recently probed IBM Cloud’s database-as-a-service infrastructure and found several security issues that granted them access to the internal server used to build database images for customer deployments. The demonstrated attack highlights some common security oversights that can lead to supply chain compromises in cloud infrastructure. Developed by researchers from security firm Wiz, the attack combined a privilege escalation vulnerability in the IBM Cloud Databases for PostgreSQL service with plaintext credentials scattered around the…

Software projects face supply chain security risk due to insecure artifact downloads via GitHub Actions

The way build artifacts are stored by the GitHub Actions platform could enable attackers to inject malicious code into software projects with CI/CD (continuous integration and continuous delivery) workflows that don’t perform sufficient filtering when downloading artifacts. Cybersecurity researchers have identified several popular artifacts download scripts used by thousands of repositories that are vulnerable to this issue. “We have discovered that when transferring artifacts between different workflows, there is a major risk for artifact poisoning…

IOTW: Passwords secure in latest LastPass data breach

Password manager LastPass has continued to maintain the security of its customers’ passwords despite suffering its second data breach of 2022. The breach was discovered on November 30 after LastPass detected “unusual activity” within a third-party cloud storage solution that it uses. Following the detection, LastPass launched an investigation into the cyber security incident and alerted the authorities. It was determined by the password management company that the malicious actor gained access to the…

8 things to consider amid cybersecurity vendor layoffs

2022 has been a heavy year for layoffs in the technology sector. Whether due to budget restraints, mergers and acquisitions, streamlining, or economic reasons, TrueUp’s tech layoff tracker has recorded over 1000 rounds of layoffs at tech companies globally so far, affecting more than 182,000 people. Some of the biggest tech companies in the world have announced significant staff cuts, including Amazon, Twitter, Meta, and Salesforce. Although perhaps less severely affected, cybersecurity vendors haven’t been…

Serious Security: MD5 considered harmful – to the tune of $600,000

by Paul Ducklin

In a fascinating legal deliberation handed down by the French data protection regulator CNIL (Commission Nationale de l’Informatique et des Libertés), the energy company Électricité de France, or EDF for short, has been fined EUR 600,000 (about $600,000). The legal declaration is, in the manner of such things, rather long and (to non-lawyers, at least) linguistically orotund, which means you need reasonable proficiency in French to understand all the ins and outs…
