IT Security Newsletter - 6/8/2023
Clop ransomware crew sets June extortion deadline for MOVEit victims
Clop, the ransomware crew that has exploited the MOVEit vulnerability extensively to steal corporate data, has given victims a June 14 deadline to pay up or the purloined information will be leaked. Organizations including British Airways, the BBC, and the Boots pharmacy chain in the UK have had their employees' records stolen by the Russian gang via the software flaw. It's feared thousands if not tens of thousands of workers have had their personal info swiped. READ MORE...
Japanese pharma giant Eisai discloses ransomware attack
Pharmaceutical company Eisai has disclosed it suffered a ransomware incident that impacted its operations, admitting that attackers encrypted some of its servers. Eisai is a Tokyo-based pharmaceutical company with an annual revenue of $5.3 billion and over 10,000 employees. The company maintains nine manufacturing and fifteen medical research units in Japan, the United Kingdom, North Carolina, and Massachusetts. READ MORE...
Firefox 114 is out: No 0-days, but one fascinating "teachable moment" bug
Firefox's latest major update is out, following Mozilla's usual every-fourth-Tuesday release cycle. The list of security fixes this month (like full moons, there are sometimes two Firefox releases in a calendar month, but most months only have one) is splendidly short, and there aren't any critical bugs or zero-days in the list. But there's a fascinating bug that acts as a reminder that it's hard to write responsive, user-friendly browser code that's also strong against deliberate trickery. READ MORE...
VMware Plugs Critical Flaws in Network Monitoring Product
Virtualization technology giant VMware on Wednesday shipped urgent patches to cover security defects in the Aria Operations for Networks product, warning that the flaws expose businesses to remote code execution attacks. VMware released an advisory documenting three critical-severity vulnerabilities haunting the network and application monitoring tool and called special attention to a command injection issue (CVE-2023-20887) that carries a CVSSv3 base score of 9.8/10. READ MORE...
0mega ransomware gang changes tactics
A number of ransomware gangs have stopped using malware to encrypt targets' files and have switched to a data theft/extortion approach to get paid, and 0mega - a low-profile and seemingly not very active threat actor - seems to be among them. 0mega (spelled with a zero) is a relative newcomer to the ransomware/extortion business. Evidence of its activities was first spotted roughly a year ago, when one victim - a UK-based electronics repair and refurbishment company. READ MORE...
Minecraft Malware Spreading Through Mods, Plug-ins
Minecraft players should hold off on downloading any new mods or plugins while cybersecurity researchers try to track down a fix for malware ripping through the game. A worm virus named "fracturizer" has been found embedded in popular Minecraft modpacks, several game themes pulled together, which are then used by players to toggle between multiple mods, giving the player more experience options, as well as helping the malware spread. READ MORE...
Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
Cisco on Wednesday announced patches for a critical vulnerability in its Expressway series and TelePresence Video Communication Server (VCS) enterprise collaboration and video communication solutions. Tracked as CVE-2023-20105 (CVSS score of 9.6), the vulnerability allows an administrator with 'read-only' rights to elevate their privileges to 'read-write'. READ MORE...
Hear no evil: Ultrasound attacks on voice assistants
Regular WeLiveSecurity readers won't be stunned to read that cyberattacks and their methods keep evolving as bad actors continue to enhance their repertoire. It's also become a common refrain that as security vulnerabilities are found and patched (alas, sometimes after being exploited), malicious actors find new chinks in the software armor. Sometimes, however, it is not "just" a(nother) security loophole that makes the headlines, but a new form of attack. READ MORE...
Honda API flaws exposed customer data, dealer panels, internal docs
Honda's e-commerce platform for power equipment, marine, lawn & garden, was vulnerable to unauthorized access by anyone due to API flaws that allow password reset for any account. Honda is a Japanese manufacturer of automobiles, motorcycles, and power equipment. In this case, only the latter division is impacted, so owners of Honda cars or motorcycles aren't affected. READ MORE...
AI system devises first optimizations to sorting code in over a decade
Anyone who has taken a basic computer science class has undoubtedly spent time devising a sorting algorithm: code that will take an unordered list of items and put them in ascending or descending order. It's an interesting challenge because there are so many ways of doing it and because people have spent a lot of time figuring out how to do this sorting as efficiently as possible. READ MORE...
- ...in 1966, the National and American Football leagues announce that they will merge, forming the modern NFL.
- ...in 1968, James Earl Ray is arrested for the assassination of Dr. Martin Luther King, Jr.
- ...in 1968, Senator Robert F. Kennedy is buried in Arlington National Cemetery.
- ...in 1970, The Beatles' final single, "The Long and Winding Road", hits #1 on Billboard's charts.