IT Security Newsletter

IT Security Newsletter - 6/27/2022

Written by Cadre | Mon, Jun 27, 2022

Attackers keep targeting VMware Horizon, exploiting unpatched Log4Shell

Malicious actors continue to dog VMware Horizon and Unified Access Gateway server deployments, capitalizing on unpatched Log4Shell, the Cybersecurity and Infrastructure Security Agency said Thursday in a joint advisory with the U.S. Coast Guard Cyber Command. The agencies are calling for organizations to update all VMware Horizon and UAG systems and, if fixes weren't applied in Dec. 2021, organizations should consider their systems compromised and start threat hunting. READ MORE...

Automotive fabric supplier TB Kawashima announces cyberattack

TB Kawashima, part of the Japanese automotive component manufacturer Toyota Boshoku of the Toyota Group of companies, announced that one of its subsidiaries has been hit by a cyberattack. The company did not confirm but there is reason to suspect that it is dealing with an attack from the LockBit ransomware group. TB Kawashima is a manufacturer of interior fabrics for automobiles, airplanes, theaters, and trains, with offices and plants in the U.S., China, Thailand, Indonesia, and India. READ MORE...

FTC Takes Action Against CafePress Over Massive Data Breach, Cover-Up

The Federal Trade Commission (FTC) on Friday announced that it has finalized an order against CafePress, requiring it to improve its security posture following a cybersecurity incident that the company attempted to cover up. CafePress is an online retailer of products such as T-shirts, bags, calendars and mugs, which users can customize with their own graphics designs or texts. It also allows users to have virtual shops on the platform. READ MORE...

Cyberattack Forces Iran Steel Company to Halt Production

One of Iran's major steel companies said on Monday it was forced to halt production after being hit by a cyberattack, apparently marking one of the biggest such assaults on the country's strategic industrial sector in recent memory. The state-owned Khuzestan Steel Company said experts had determined the plant had to stop work until further notice "due to technical problems" following "cyberattacks." The company's website was down on Monday. READ MORE...

More than $100m in cryptocurrency stolen from blockchain biz

Blockchain venture Harmony offers bridge services for transferring crypto coins across different blockchains, but something has gone badly wrong. The Horizon Ethereum Bridge, one of the firm's ostensibly secure bridges, was compromised on Thursday, resulting in the loss of 85,867 ETH tokens optimistically worth more than $100 million, the organization said via Twitter. READ MORE...

OpenSSL issues a bugfix for the previous bugfix

If you're an OpenSSL user, you're probably aware of the most recent high-profile bugfix release, which came out back in March 2022. That fix brought us OpenSSS 3.0.2 and 1.1.1n, updates for the two current fully-supported flavours of the product. The March 2022 update was a vital reminder that deeply-buried code with unusual bugs may end up getting overlooked for years, especially if that code is part of a complex, specialised, low-level function. READ MORE...

Clever phishing method bypasses MFA using Microsoft WebView2 apps

A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen accounts. With the large number of data breaches, remote access trojan attacks, and phishing campaigns, stolen login credentials have become abundant. READ MORE...

Python packages with malicious code expose secret AWS credentials

Sonatype researchers have discovered Python packages that contain malicious code that peek into and expose secret AWS credentials, network interface information, and environment variables. All those credentials and metadata then get uploaded to one or more endpoints, and anyone on the web can see this. Going up a directory level showed hundreds of TXT files containing sensitive information and secret. READ MORE...

  • ...in 1880, author and disability rights advocate Helen Keller is born in Tuscumbia, AL.
  • ...in 1950, the United States decides to send troops to fight in the Korean War.
  • ...in 1966, film producer and director J.J. Abrams is born in New York City.
  • ...in 1982, Space Shuttle Columbia is launched for its final test flight from Kennedy Space Center.