
IT Security Newsletter - 10/3/2022


Top News

High-severity Microsoft Exchange 0-day under attack threatens 220,000 servers

Microsoft late Thursday confirmed the existence of two critical vulnerabilities in its Exchange application that have already compromised multiple servers and pose a serious risk to an estimated 220,000 more around the world. The currently unpatched security flaws have been under active exploit since early August, when Vietnam-based security firm GTSC discovered customer networks had been infected with malicious webshells and that the initial entry point was some sort of Exchange vulnerability.

Breaches

Hack Puts Latin American Security Agencies on Edge

A massive trove of emails from Mexico's Defense Department is among electronic communications taken by a group of hackers from military and police agencies across several Latin American countries, Mexico's president confirmed Friday. The acknowledgement by President Andrés Manuel López Obrador comes after Chile's government said last week that emails had been taken from its Joint Chiefs of Staff.

Hacking

Mystery hackers are "hyperjacking" targets for insidious spying

For decades, virtualization software has offered a way to vastly multiply computers' efficiency, hosting entire collections of computers as "virtual machines" on just one physical machine. And for almost as long, security researchers have warned about the potential dark side of that technology: theoretical "hyperjacking" and "Blue Pill" attacks, where hackers hijack virtualization to spy on and manipulate virtual machines, with potentially no way for a targeted computer to detect the intrusion.


Vice Society raises ransomware pressure on Los Angeles school district

Vice Society on Friday listed the Los Angeles Unified School District on its ransomware leak site, four weeks after the country's second-largest school system was hit by a major ransomware attack. The group threatened to publish, on Oct. 3 at 4 p.m. PST, data it claims to have stolen during the attack. Ransomware groups typically list their victims on leak sites to increase pressure and set deadlines for victims to meet their ransom demand before stolen data is published.

Information Security

Nord Stream pipeline disinformation fits pattern of Russian information warfare

Within hours of this week's Nord Stream pipeline explosion, Russian officials, Twitter users and Tucker Carlson began circulating disinformation suggesting that the Biden administration was responsible for the apparent act of sabotage. While there is not yet evidence to say exactly who is responsible for the Nord Stream attack, plenty of officials are pointing at Russia.

Exploits/Vulnerabilities

Lazarus hackers abuse Dell driver bug using new FudModule rootkit

The notorious North Korean hacking group 'Lazarus' was seen installing a Windows rootkit that abuses a Dell hardware driver in a Bring Your Own Vulnerable Driver attack. The spear-phishing campaign unfolded in the autumn of 2021, and the confirmed targets include an aerospace expert in the Netherlands and a political journalist in Belgium. According to ESET, which published a report on the campaign today, the primary goal was espionage and data theft.


CISA: Hackers exploit critical Bitbucket Server flaw in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added three more security flaws to its list of bugs exploited in attacks, including a Bitbucket Server RCE and two Microsoft Exchange zero-days. CISA's Known Exploited Vulnerabilities (KEV) catalog now includes two Microsoft Exchange zero-days (CVE-2022-41040 and CVE-2022-41082) exploited in limited, targeted attacks, according to Microsoft.


Canon Medical Product Vulnerabilities Expose Patient Information

Trustwave is warning healthcare organizations of two cross-site scripting (XSS) vulnerabilities in Canon Medical's popular medical imaging sharing tool Vitrea View. Touted as an enterprise viewing solution, Vitrea View is used by healthcare providers, physicians, and radiologists to securely share medical images that can then be accessed directly from the browser, on both desktop and mobile devices.

On This Date

  • ...in 1789, George Washington issues a proclamation declaring Thanksgiving as a national holiday.
  • ...in 1906, the first conference on wireless telegraphy in Berlin adopts SOS as a warning signal.
  • ...in 1985, Space Shuttle Atlantis makes its maiden flight from Kennedy Space Center in Florida.
  • ...in 1990, East and West Germany reunify after 40 years of division following WWII.