Cyber Bites

Microsoft issued its last regular patch update round this week, fixing over 50 CVEs, including the malicious zero-day bug "Follina." Officially named CVE-2022-30190, Follina, as reported last week, is being exploited in the wild by state-backed actors and the operators behind Qakbot, which has links to ransomware groups. It's a remote code execution (RCE) bug affecting the popular utility Windows Support Diagnostic Tool (MSDT). As well as patching Follina, Microsoft patched three other critical vulnerabilities...

Technical details have emerged about a vulnerability affecting certain versions of the Zimbra email solution that hackers could exploit to steal logins without user interaction or authentication. The security issue is currently being tracked as CVE-2022-27924 and impacts Zimbra releases 8.8x and 9.x for both open-source and commercial versions of the platform. A fix has been available since the 10th May in Zimbra versions ZCS 9.0.0 Patch 24.1 and ZCS 8.8.15 Patch...

Obrela Security Industries, a security analytics and cyber risk management services provider, has announced its sponsorship of Commix, an open-source pen-testing tool, to address command injection vulnerabilities. Obrela aims to address the emerging demand for end-to-end security services by offering an 'umbrella' of security solutions. George Patsis, CEO at Obrela Security Industries, said that this sponsorship would, "Provide penetration testers and information security researchers with everything they need in order to perform a successful command...

The age of the password may soon be over. A survey conducted by Ping Identity and Yubico concluded that leaders of the IT industry have serious issues with the modern password-based security system. 94% of IT leaders have serious issues with user-generated passwords and half of those surveyed believe that passwords are too weak for security purposes. Rob Griffin, CEO at MIRACL, says that, "It has long been recognized that passwords are outdated and not...

A major new state-backed spear-phishing operation targeting multiple high-ranking Israeli and US officials has been uncovered by security researchers. The campaign has been traced to the Iranian Phosphorus APT group, according to Check Point. It has targeted former Israeli foreign minister and deputy Prime Minister Tzipi Livni, a former US ambassador to Israel, and a former major general in the Israeli Defence Forces (IDF). These have been dated back to at least December 2021. The...

The New York City Fire Department (FDNY) said it's aiming to build a digital firewall to protect the city's emergency workers from cyber-attacks. The request was published in the City Record and called for consultant services “for the development and implementation of protective strategies to address the cyber-threat of doxxing and to provide resiliency for the security of personal information.” These include the development of a training program targeting agents that regularly interact with the public...

A news release from Avera Health, a Sioux Falls-based healthcare system, confirms that a data breach in March exposed the sensitive data of 700 patients. Among the stolen information were names, Social Security numbers, phone numbers, addresses, birth dates and email addresses. The healthcare group learned about the data breach on March 25th yet only began to alert patients who may have been affected on June 10th. Avera says that, after discovering the breach, they...

BlackCat, the ALPHV ransomware gang, has created a website that allows customers and employees of their victim to check if their data was stolen in an attack. Ransomware gangs typically quietly steal corporate data and harvest everything of value. After they've done this, the threat actor starts to encrypt devices. The hackers then, in a double-extortion scheme, demand a ransom payment to deliver a decryptor and prevent public release of corporate data. Ransomware gangs create...

The Canadian legislature plans to introduce a bill on June 14th which would make the reporting of cybersecurity breaches mandatory for private-sector organizations. The legislation aims to target the underreporting of ransomware attacks, which has proven to be a problem for cybersecurity regulators. According to a SecOps report released by Deep Instinct, 38% of surveyed cybersecurity professionals admitted to paying ransoms for stolen data. Many of these ransomware attacks, and the subsequent payoffs, go unreported, creating a...

Searchlight Security appointed Eric Milam as their new Executive Vice President of Product. Milam is a renowned cybersecurity expert who brings deep expertise in threat intelligence and research, a decisive leadership style, and a creative approach to cyber-security problem-solving and solution design. Milam has worked previously as a VP of Research & Intelligence at Blackberry and, before that, as VP of Research Operations at Cylance. Searchlight Security, a mission-proven dark web intelligence company, is bringing...
