C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F

Infosec bits for week 44/22

2022-11-04 13:55 - Sicelo Ncekana

Security News
- ALMA Suffers Cyberattack in Chile, Suspends Astronomical Observations [Swissinfo, Swissinfo]
- Cyber attacks on small firms The US economy’s Achilles heel BBC News [Nathalie Jimenez, Nathalie Jimenez]
- WhatsApp user? Change your settings now to stop cyber attacks [HT TECH, HT TECH]
- Analysts track gift cards to see how scammers use them in BEC attacks [Stephen Weigand, SC Media]
Phishing and Malware
- Black Basta Ransomware Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor [Antonio Cocomazzi and Antonio Pirozzi, Sentinel Labs]
- 130 Dropbox Code Repositories Compromised in a Sophisticated Phishing Campaign [Sumeet Wadhwani, Spiceworks]
- Bed, Bath & Beyond confirms data breach following employee phishing attack [Carly Page, TechCrunch]
- New Crimson Kingsnake gang impersonates law firms in BEC attacks [Bill Toulas, Bleeping Computer]
- Phishers Abuse Microsoft Voicemail Service to Trick Users [Phil Muncaster, Info Security]
- Emotet botnet starts blasting malware again after 4 month break [Lawrence Abrams, Bleeping Computer]
- These Four Android Apps On Google Play Exposed 1M Devices To Malware, Delete ASAP [Paul Lilly, HotHardware]
Vulnerabilities & Patches
- Urlscan.io API unwittingly leaks sensitive URLs, data [Charlie Osborne, The Daily Swing]
- SandStrike Strikes Andoid Users With Malicious VPN App [Cyware, Cyware]
- Vulnerability Patched in the Gatsby Cloud Image CDN [Mike Gualtieri, Gatsby]
- SQLite patches 22-year-old code execution, denial of service vulnerability [Charlie Osborne, The Daily Swing]
- Multi-factor auth fatigue is real – and it’s why you may be in the headlines next [Jeff Burt, The Register]

Contact Us:	csirt { a } sanren.ac.za

PGP Keys:
CSIRT		0xE2C491CED20D800F
Renier		0x11A7B70A4B81468E
Kgwadi		0x9FF01A35A5726937
Sicelo		0xA6CCD44FD770057B
Heloise		0x96371C4C9FA23CAC
Maajied		0xEE9BE86AD16D89C2