February 8, 2023

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings . This review is for the week ending Saturday, December 31st, 2022.

Last week of 2022, started with the coverage on a data breach incident. Danish shoe manufacturer and retailer Ecco suffers a data breach and exposes millions of documents. The server misconfiguration’s severity, open to an attack that could have affected customers all over the world.

Vice Society ransomware gang is now using a new custom payload in its recent cyberattacks. The ransomware variant, dubbed PolyVice, was first seen in the wild in July, but it was used only in September.

Advertisements

Google has published two open-source technologies to help companies for processing user data for meeting privacy requirements. The first one is a tool called Magritte for blurring objects such as license plates in videos. The other is a new version of FHE C++ Transpiler, a privacy tool that Google originally introduced last year. It allows applications to process encrypted datasets without decrypting them first.

AWS has announced it would make a few changes to its S3 services. Starting April 2023, all buckets in a region will have S3 Block Public Access enabled and access control lists disabled by default.

400 million Twitter accounts are affected by a massive Twitter data breach, according to a hacker. With users flocking to the rival Mastodon, controversial new view count feature, and now the breach; Twitter road is too rough.

A critical WordPress plugin vulnerability tracked as CVE-2022-45359 with a CVSS v3 9.8, has been exploited in wild by the threat actors. The vulnerability affecting the WordPress plugin YITH WooCommerce Gift Cards Premium that allows websites of online stores to sell gift cards, a WordPress plugin used on over 50,000 websites.

The world’s largest cryptocurrency mining pool, BTC.com, suffers a cyberattack and approximately $3 million worth of crypto assets were stolen. BTC.com lost about $700,000 worth of crypto owned by its clients and $2.3 million in digital assets owned by the company.

Advertisements

FInal acquisition coverage is Netwrix has acquired privileged access management startup Remediant for an undisclosed price to enrich its PAM offering.

BitKeep, a decentralised crypto wallet, became a victim of supply chain attack that resulted in the theft of over $9 million worth of digital currencies from its customers.The attackers were able to hijacked BitKeep App 7.2.9 APK hosted on the company website, replaced with the malicious version that designed to steal digital assets, app installed via Google Play, iOS App Store, and Google Chrome are safe.

After suffering a data breach in 2020 when personal data of around 90 lakh railways ticket buyers was compromised, it seems that a similar case may have happened again with IRCTC. Reportedly, data of three crore railway travelers has been stolen online and put up for sale on the dark web. The theft is said to have happened on December 27.

Telecommunication company Intrado was a victim of cyberattack, and it was claimed by the Royal Ransomware group. The attack started on December 1st. The Lake Charles Memorial Health System (LCMHS) from Southwest Louisiana disclosed a data breach that affected almost 270,000 patients at its medical centers. Hive ransomware took responsibility for the attack.

The US CISA has added TIBCO Software’s JasperReports vulnerabilities, to its Known Exploited Vulnerabilities catalog. TIBCO JasperReports is an open-source Java reporting tool for creating and managing reports and dashboards and it has vulnerabilities tracked as CVE-2018-5430 with a CVSS score of 7.7 and CVE-2018-18809 with a CVSS score of 9.9.

Advertisements

The Port of Lisbon administration suffered a cyberattack. The representatives of Portugal’s third-largest port said the attack did not affect operations, but the cyber incident was reported to the National Cybersecurity Center and the Judiciary Police. Lockbit ransomware was the one responsible for the attack

Waterloo Wellington Flight Center in Ontario, Canada, is the latest victim of the cyber attack. Royal Ransomware gang claims the responsibility for the attack. In its Tor, the victim is listed.

St.Rose hospital in Hayward, California, another victim of a ransomware attack.Threat actor behind the attack is the BianLian Ransomware group. They have listed the hospital name in their Tor site. The stolen data is believed to be 1.7 Tb approximately

Netgear has fixed a bug affecting multiple WiFi router models, including Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC router models. The flaw is a pre-authentication buffer overflow vulnerability and urged customers to address the firmware of their devices as soon as possible. An attacker can exploit this vulnerability without requiring permissions or user interaction.

A new evolving eavesdropping attack has been developed by a team of security experts for Android devices, dubbed EarSpy. With this attack type, threat actors can get hands-on sensitive content.

Advertisements

Canadian copper mine suffered a ransomware attack, forcing it to switch to manual processes and shut down mills. Operators of Royal Ransomware said that they were behind a cyberattack on the Iowa branch of the Public Broadcasting Service.

This brings end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on FacebookTwitter

Leave a Reply

%d bloggers like this: