01 NOVEMBER 2022 WEEKLY NEWSLETTER

BOCRA website

     


Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability


LATEST CYBER HACKS

 
 

Hackers selling access to 576 corporate networks for $4 million

A new report shows that hackers are selling access to 576 corporate networks worldwide for a total cumulative sales price of $4,000,000, fueling attacks on the enterprise. The research comes from Israeli cyber-intelligence firm KELA, which published its Q3 2022 ransomware report, reflecting stable activity in the sector of initial access sales but a steep rise in the value of the offerings.


U.S. Bank data breach impacts 11K customers

U.S. Bank notified some customers on Friday that their personal information was accidentally shared by a third-party vendor, according to letters posted to the California Attorney General’s website.


Second Health Entity Reports Breach Tied to Meta Pixel Use

The entity's breach notification statement says "select data" - including email addresses, phone numbers, novel coronavirus vaccine status and appointment information - may have been transmitted to Facebook parent Meta through the social media company's deployable tracking code.


VULNERABILITIES

 
 

VMware Warns of Exploit for Recent NSX-V Vulnerability

An end-of-life (EOL) product installed as a plug-in to VMware vCenter Server, NSX-V is a network virtualization solution offering networking and security functionality, including VPN, logical switching and routing, and more. The product is bundled within VMware Cloud Foundation.


Samsung Galaxy Store Bug Could've Let Hackers Secretly Install Apps on Targeted Devices

The vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting (XSS) bug that occurs when handling certain deep links. An independent security researcher has been credited with reporting the issue.


MALWARE

 
 

Hacking group abuses antivirus software to launch LODEINFO malware

The Chinese Cicada hacking group, tracked as APT10, was observed abusing security software to install a new version of the LODEINFO malware against Japanese organizations. The targeted entities are media groups, diplomatic agencies, government and public sector organizations, and think tanks in Japan, all high-interest targets for cyberespionage.


New Azov data wiper tries to frame researchers and BleepingComputer

A new and destructive 'Azov Ransomware' data wiper is being heavily distributed through pirated software, key generators, and adware bundles, trying to frame well-known security researchers by claiming they are behind the attack.


                              


REvil-based LV Ransomware Reemerged Claiming a Victim in Jordan

Microsoft's threat intelligence division on Wednesday assessed that a subgroup of the Iranian threat actor tracked as Phosphorus is conducting ransomware attacks as a "form of moonlighting" for personal gain. Active since late 2021, LV Ransomware is a RaaS based on the REvil operation. Experts believe that REvil operators either shared or sold the source code of the ransomware to LV Ransomware. Recently, the ransomware group has reemerged in the threat landscape with a new attack, Trend Micro found.


                              


GENERAL NEWS

 
 

Mozilla Firefox fixes freezes caused by new Windows 11 feature

Mozilla has fixed a known issue causing the Firefox web browser to freeze when copying text on Windows 11 devices where the Suggested Actions clipboard feature is enabled.


Industrial providers ramp up cyber risk posture as OT threats evolve

Industrial organizations have strengthened their cybersecurity postures in the past year as nearly two-thirds have faced high or severe threats to their operational technology environments, according to a SANS Institute report commissioned by Nozomi Networks.