Infosec bits for week 28/22
- Security News:
- Journalists Emerge as Favored Attack Target for APTs [Elizabeth Montalbano, Threatpost]
- Hackers impersonate cybersecurity firms in callback phishing attacks [Bill Toulas, BleepingComputer]
- Elastix VoIP systems hacked in massive campaign to install PHP web shells [Bill Toulas, BleepingComputer]
- Hackers stole US$620 million from Axie Infinity with fake job interviews [IT World Canada Staff, IT World Canada Staff]
- Malware:
- Emerging H0lyGh0st Ransomware Tied to North Korea [Elizabeth Montalbano, Threatpost]
- Crunch time for EU web authentication plan as Mozilla launches campaign to protect status quo [Adam Bannister, The Dily Swing]
- New Lilith Ransomware Family Joins the Double Extortion Threat Landscape [Cyware Alerts – Hacker News, Cyware]
- Breaches & Leaks:
- Former CIA employee convicted for carrying out largest data leak in agency’s history [Mark Morales, CNN]
- More than 4,000 individuals’ medical data left exposed for 16 years [GFiuui45fg, Cyber Reports]
- 1.9m patient records exposed in healthcare debt collector ransomware attack [Jessica Lyons Hardcastle, The Register]
- Aon Hack Exposed Sensitive Information of 146,000 Customers [Benjamin David, Info Security]
- Vulnerabilities & Patches:
- Microsoft Teams security vulnerability left users open to XSS via flawed stickers feature [Charlie Osborne, The Dily Swing]
- SAP Patches High-Severity Vulnerabilities in Business One Product [Ionut Arghire, Security Week]
- Netwrix Auditor Bug Could Lead to Active Directory Domain Compromise [Dark Reading, Dark Reading]
- Actively exploited zero-day and four ‘critical’ vulnerabilities fixed in Microsoft’s July Patch Tuesday [Connor Jones, ITPro]
- How Attackers Could Dupe Developers into Downloading Malicious Code From GitHub [Jai Vijayan, Dark Reading]