15 September 2021 Weekly Newsletter






Data Of 92% LinkedIn Users Dumped on The Dark Web

LATEST CYBER HACKS




BlackMatter ransomware hits medical technology giant Olympus

Olympus, a leading medical technology company, is investigating a "potential cybersecurity incident" that impacted some of its EMEA (Europe, Middle East, Africa) IT systems last week.


Healthcare orgs in California, Arizona send out breach letters for nearly 150 000 after SSNs accessed during ransomware attacks

Two healthcare organizations have begun sending out breach notification letters to thousands of people in California and Arizona after both revealed that sensitive information -- including social security numbers, treatment information and diagnosis data -- was accessed during recent cyberattacks.





Google patches 10th Chrome zero-day exploited in the wild this year

Google has released Chrome 93.0.4577.82 for Windows, Mac, and Linux to fix eleven security vulnerabilities, two of them being zero-days exploited in the wild.



WordPress 5.8.1 Patches Several Vulnerabilities

Users have been informed that the latest update includes three security fixes, including for a data exposure flaw related to the REST API, and a cross-site scripting (XSS) issue in the block editor. WordPress 5.8.1 also updates Lodash, a JavaScript library that provides utility functions for common programming tasks, to address security issues.



Apple issues iOS 14.8 with security update to close spyware flaw

Apple on Monday released security updates for its iPhone, iPad, Apple Watch and Mac computers that close a vulnerability reportedly exploited by invasive spyware built by NSO Group, an Israeli security company. 





Android malware distributed in Mexico uses Covid-19 to steal financial credentials

The McAfee Mobile Malware Research Team has identified malware targeting Mexico. It poses as a security banking tool or as a bank application designed to report an out-of-service ATM. In both instances, the malware relies on the sense of urgency created by tools designed to prevent fraud to encourage targets to use them. The malware can steal the authentication factors its victims need to access their accounts at the targeted financial institutions in Mexico.



REvil ransomware is back in full attack mode and leaking data

The REvil ransomware gang has fully returned and is once again attacking new victims and publishing stolen files on a data leak site.

Since 2019, the REvil ransomware operation, aka Sodinokibi, has been conducting attacks on organizations worldwide, demanding million-dollar ransoms in exchange for a decryption key and for not leaking the stolen files.

GENERAL NEWS




WhatsApp End-to-End Encrypted Cloud Backups

WhatsApp has recently announced the launch of its end-to-end encrypted backups feature, which also covers backups stored on cloud services. Previously, despite having end-to-end encryption available by default, WhatsApp lacked a security feature for cloud backups.



Twitter Launches Safety Mode To Block Abusive Comments

Twitter has recently announced a new feature dubbed ‘Safety Mode’ to block abusive users. Currently available in beta, this feature will let users block accounts posting abusive comments. With this move, Twitter aims to prevent online harassment on the platform.


Botswana Communications Regulatory Authority

Private Bag 00495, Gaborone, Botswana


Disclaimer: This information was gathered from multiple trusted feeds and was not created by COMM-CIRT.