IT Security Newsletter - 8/25/2022
Block sued after ex-staffer siphons customer data
Block - the digital payments giant formerly known as Square - faces allegations it failed to take adequate measures to protect customers' personal information. A lawsuit, filed Tuesday in a federal district in Oakland, California, on behalf of two users of Cash App, operated by Block subsidiary Cash App Investing, claims the company failed to implement reasonable security. As a result, a former employee was able to download internal reports containing personal information after leaving the firm.
Hackers use AiTM attack to monitor Microsoft 365 accounts for BEC scams
A new business email compromise (BEC) campaign has been discovered combining sophisticated spear-phishing with Adversary-in-The-Middle (AiTM) tactics to hack corporate executives' Microsoft 365 accounts, even those protected by MFA. By accessing accounts of high-ranking employees like CEOs or CFOs of large organizations, the threat actors can monitor communications and respond to emails at the right moment to divert a large transaction to their bank accounts.
Mozilla Patches High-Severity Vulnerabilities in Firefox, Thunderbird
Mozilla this week patched several high-severity vulnerabilities in its Firefox and Thunderbird products. Firefox 104 - as well as Firefox ESR 91.13 and 102.2 - patches a high-severity address bar spoofing issue related to XSLT error handling. The flaw, tracked as CVE-2022-38472, could be exploited for phishing. The latest Firefox release also resolves CVE-2022-38473, an issue related to cross-origin XSLT documents that could pose security and privacy risks.
VMware confirms Carbon Black causing BSODs, boot loops on Windows
VMware has admitted an update on some versions of its Carbon Black endpoint solution is responsible for BSODs and boot loops on Windows machines after multiple organizations were affected by the problem. The issue - where PCs began booting into blue screens, some of which flashed the stop code PFN_LIST_CORRUPT - was apparently caused by a changed ruleset by the company.
Efficient 'MagicWeb' Malware Subverts AD FS Authentication, Microsoft Warns
The attackers responsible for the SolarWinds supply chain attack have added a new arrow to their quiver of misery: A post-compromise capability dubbed MagicWeb, which is used to maintain persistent access to compromised environments and move laterally. Researchers at Microsoft observed the Russia-backed Nobelium APT using the backdoor after gaining administrative privileges to an Active Directory Federation Services (AD FS) server.
How Economic Changes and Crypto's Rise Are Fueling the use of "Cyber Mules"
As fears over recession loom in many places globally, both cybercrime and job insecurity are on the rise. Meanwhile, some layoffs have occurred and the conversations at work around working-from-anywhere or back to the office continue. And if history tells us anything, it's that this type of environment is ripe for the increased use of "cyber mules" - aka the cybercrime world's money mules.
ChromeOS vulnerability found by Microsoft
Microsoft recently released a report about a ChromeOS remote memory corruption vulnerability. The issue has already been fixed. In fact, it was reported to Google in April. The fix was applied shortly after, and released on June 15. The resulting deep-dive from Microsoft is a fascinating look at how one technology giant addresses another's bugs and issues. The problem, known as CVE-2022-2587 on the Common Vulnerabilities and Exposures (CVE) list, caused big headaches for Chrome.
- ...in 1910, Walden W. Shaw and John D. Hertz form the Walden W. Shaw Livery Company, which will later become the Yellow Cab Company.
- ...in 1944, after more than four years of Nazi occupation, Paris is liberated by the U.S. 4th Infantry Division.
- ...in 1985, New York Mets pitcher Dwight Gooden becomes the youngest 20-game winner in Major League Baseball history.
- ...in 1989, NASA scientists receive stunning photographs of Neptune and its moons from Voyager 2.