TheCyberThrone Security Week In Review – January 07th, 2023

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings . This review is for the week ending Saturday, January 07th, 2023.

Last week coverage started with an information about a Lockbit ransomware gang operation. The gang apologized for the attack on the hospital for Sick Children (SickKids) and has released a free decryptor to restore the files. The hospital is the Canadian largest pediatric health center, it is located on University Avenue in Toronto, Ontario, Canada. The attack took place on Dec 18th, 2022.

Google to pay $29.5 million to settle two different lawsuits brought by the states of Indiana and Washington, D.C., over its deceptive location tracking practices. Google will pay $9.5 million to D.C. and $20 million to Indiana after the states filed two lawsuits against the company, charging it with having tracked users’ locations without their express consent

PyTorch is one of the most popular and widely-used machine learning toolkits out there. PyTorch-nightly Linux packages installed via pip during that time installed a dependency, torchtriton, which was compromised on the PyPI code repository and ran a malicious binary.

Synology has patched several critical vulnerabilities, including flaws likely exploited recently at the Pwn2Own hacking contest. First vulnerability tracked as CVE-2022-43931 and the second vulnerability is impacting the Synology Router Manager (SRM), the operating system

Researchers have identified a new trojanized backdoor program that exploits multiple vulnerabilities in WordPress plug-ins and themes to breach websites based on the WordPress content management system. The flaws are being abused to execute an attack.

Fortinet has released patches for several vulnerabilities across its products. A high-severity command injection bug in FortiADC was tracked as CVE-2022-39947 with a CVSS score of 8.6. Fortinet also releases patches for multiple high-severity command injection flaws in FortiTester. Tracked as CVE-2022-35845 with a CVSS score of 7.6

This week, we have seen that Google has released first set of security updates for Android in 2023, which patch a total of 60 vulnerabilities. Cricket community network “criticalsocial.com” leaks 100k user entries and administrative credentials. The open database contains emails, phone numbers, names, hashed user passwords, dates of birth, and addresses of the website users.

The Irish Data Protection Commission has fined Meta $414 million for its management of user data for distributing personalized ads. Rackspace announced that discontinuing hosted Exchange email services after completing its investigation on last month Ransomware attacks and planned the transition to cloud-based Microsoft 365.

Data pertaining to nearly 200 million Twitter users have been published on a hacking forum two weeks after data relating to 400 million Twitter users was offered for sale on the same forum. Microsoft has given a reminder ring to all its customers that the extended support for all editions of Windows Server 2012 and Windows Server 2012 R2 will end on October 10^th, 2023.

Qualcomm Snapdragon chip enabled devices are potentially vulnerable to UEFI firmware flaws, and patches were released by the chip maker. Researchers discovered a total of nine vulnerabilities while analyzing the firmware for Lenovo Thinkpad X13s laptops powered by the Qualcomm Snapdragon system-on-a-chip.

Schools in the UK have suffered a cyberattacks, and confidential documents have been leaked online by cybercriminals. In total over 14 schools have been victimised by the gang by the vice society threat actors.

Slack has suffered a data breach but reassured customers that their data was not affected by the incident. Slack, in an announcement, explained how an unknown threat acted to obtain Slack employee tokens and used them to access private GitHub repositories. But, the repositories did not hold Slack’s primary codebase or customer data.

This brings end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on Facebook, Twitter