Welcome to TheCyberThrone cybersecurity week in review, covering the important security happenings. This review is for the week ending Saturday, October 22nd, 2022.
This week started with coverage of researchers warning that the Electronic Codebook (ECB) mode used by Microsoft for email encryption has a weakness that can leak information. NIST, the U.S. agency that develops encryption standards for civilian use, characterizes ECB as a severe security vulnerability.
Magniber ransomware has been targeting home users by masquerading as software updates, recent research has discovered. Woolworths, a retail giant from Australia, said that a recent data breach has impacted the information of 2.2 million customers of MyDeal.
Researchers discovered a vulnerability in Apache Commons Text that gives unauthenticated attackers a way to execute code remotely on servers running applications with the affected component. Tracked as CVE-2022-42889, it has a CVSS score of 9.8 out of 10.0 and exists in versions 1.5 through 1.9 of Apache Commons Text. PoC code for the vulnerability is already available, though there is no sign of exploit activity.
Zoom has patched a high-severity flaw in its client for macOS devices. Tracked as CVE-2022-28762 with a CVSS score of 7.3, it refers to a debugging port misconfiguration affecting versions between 5.10.6 and 5.12.0.
Bulgarian government sites came under a heavy DDoS attack this weekend, with Russia the prime suspect. Traffic flooded the websites of the Bulgarian President, the National Revenue Agency, and the ministries of internal affairs, defense, and justice. Telecoms firms, airports, banks, and some media companies were also targeted during the attack.
Zscaler has announced new data protection technology that builds upon a rich heritage of securing data across all cloud apps for data in motion, data at rest, and BYOD assets with accuracy.
Microsoft has confirmed a data spillage linked to a misconfigured server for a cloud storage service, collectively called Bluebleed. The extent is disputed. Microsoft's MSRC said it received information about the misconfigured endpoint, which exposed business transaction data related to interactions between Microsoft and customers.
Google has launched a new project called Graph for Understanding Artifact Composition (GUAC), which aims at securing the software supply chain. It is also seeking contributors to the new project.
The U.S. CISA has added the Linux kernel vulnerability tracked as CVE-2021-3493 to its Known Exploited Vulnerabilities Catalog. CVE-2021-3493 is a Linux kernel privilege escalation vulnerability: the overlayfs stacking file system in the Linux kernel does not properly validate the application of file capabilities against user namespaces, which leads to privilege escalation.
A Russian-speaking ransomware group called OldGremlin has been involved in numerous campaigns targeting organizations operating in the Eurasian nation.