
IT Security Newsletter - 8/12/2022



Ransomware attack blamed for closure of all 7-Eleven stores in Denmark

Ransomware is to blame for the closure of all 175 7-Eleven stores in Denmark on Monday. The retailer closed all of its stores in Denmark after its cash registers and payment systems were brought down in the attack. Initially, 7-Eleven's Danish division did not say that ransomware was responsible for its problems, simply describing the incident as a "hacker attack": READ MORE...

Software Updates

Years after claiming DogWalk wasn't a vulnerability, Microsoft confirms flaw is being exploited and issues patch

This week Microsoft finally released a patch for a zero-day security flaw being exploited by hackers, one that the company had claimed since 2019 was not actually a vulnerability. The volte-face from Microsoft relates to "DogWalk", a remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT), affecting all Windows versions going back as far as Windows 7 and Server 2008. READ MORE...


FBI: Zeppelin ransomware may encrypt devices multiple times in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned US organizations today that attackers deploying Zeppelin ransomware might encrypt their files multiple times. The two federal agencies also shared tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help security professionals detect and block attacks using this ransomware strain. READ MORE...

Information Security

Krebs on Security: It Might Be Our Data, But It's Not Our Breach

A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. The firm's analysis of the data suggests it corresponds to current and former customers of AT&T. The telecommunications giant stopped short of saying the data wasn't theirs, but it maintains the records do not appear to have come from its systems and may be tied to a previous data incident at another company. READ MORE...


Xiaomi phones with MediaTek chips vulnerable to forged payments

Security analysts have found security issues in the payment system present on Xiaomi smartphones that rely on MediaTek chips providing the trusted execution environment (TEE) that is responsible for signing transactions. Attackers could exploit the weaknesses to sign fake payment packages using a third-party unprivileged application. The implications of such an attack would be to make the payment service unavailable or to sign transactions from the user's mobile wallet to the threat actor's account. READ MORE...

Zimbra auth bypass bug exploited to breach over 1,000 servers

An authentication bypass Zimbra security vulnerability is actively exploited to compromise Zimbra Collaboration Suite (ZCS) email servers worldwide. Zimbra is an email and collaboration platform used by more than 200,000 businesses from over 140 countries, including over 1,000 government and financial organizations. According to threat intelligence firm Volexity, attackers have been abusing a ZCS remote code execution flaw requiring authentication with the help of an auth bypass bug as early as the end of June. READ MORE...

Slack flaw exposed users' hashed passwords

Slack, the workplace communication platform, has notified some of its users that their hashed passwords have been subject to exposure for the last five years. The company wasn't specific in its notice, but Wired said that the flaw was in one of its "low-friction features". The flaw exposed hashed passwords of users when creating or revoking shared invitation links for workspaces. READ MORE...

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks

A serious vulnerability affecting the eCos SDK made by Taiwanese semiconductor company Realtek could expose the networking devices of many vendors to remote attacks. The security hole, tracked as CVE-2022-27255 and rated 'high severity', has been described as a stack-based buffer overflow that can allow a remote attacker to cause a crash or achieve arbitrary code execution on devices that use the SDK. An attack can be carried out through the WAN interface using specially crafted SIP packets. READ MORE...

On This Date

  • ...in 1851, inventor Isaac Singer is given a patent on his sewing machine.
  • ...in 1908, Henry Ford's first Model T, affectionately known as the "Tin Lizzie," rolls off the assembly line in Detroit, MI.
  • ...in 1925, twin brothers Ross and Norris McWhirter, co-founders of the Guinness Book of World Records, are born in Middlesex, England.
  • ...in 1949, Dire Straits guitarist and songwriter Mark Knopfler ("Money For Nothing", "Sultans of Swing") is born in Glasgow, Scotland.