TheCyberThrone Security Week In Review – February 19th, 2023
Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings . This review is for the week ending Saturday, February 11th, 2023.
Trellix is urging customers to patch a high-severity flaw that allows local attackers to bypass restrictions and exfiltrate sensitive data. The flaw tracked as CVE-2023-0400 with a CVSS score of 8.2 impacts Windows versions of Trellix DLP (11.9.x), released in August 2022. Customers are urged to upgrade to Trellix for Windows 11.10.0 which mitigates the flaw. Though it is rated high, Trellix believes the flaw poses less of a threat rating it medium severity. The primary reasoning for the Trellix rating is that the vulnerability is only exploitable during the installation of the product.
2. Play Ransomware Havoc on A10 Networks
The Play ransomware group listed networking firm A10 Networks on its leak site after briefly gaining access to the company’s IT infrastructure. The leak site claims the group has private and personal confidential data, a lot of technical documentation, agreements, and employee and client documents.
3. Breach in Pepsi Bottling Ventures
Pepsi Bottling Ventures network has been breached by the threat actors and they successfully installed info-stealing malware. The security incident happened on or around December 23rd, 2022, and the team discovered it 18 days later, on January 10th, 2023. It took the IT team another 9 days to remediate the breach and secure the system. So, the hackers had around 27 days to exploit the data breach.
SUBSCRIBE TO OUR BLOG TODAY !
We understand the importance of staying on top of the latest threats and vulnerabilities that can harm your digital life. You’ll receive the latest cybersecurity news, insights, resources, offers and analysis straight to your inbox every day.
4. Microsoft patch Tuesday -February 2023 – Valentine’s Day Special
Microsoft addresses 75 CVEs as a part of this year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different zero-day vulnerabilities that are already being used in active attacks.
5. Russia’s Ugly Face Showcased by DDoS Attack on EarthQuake Relief Sites
Killnet has claimed responsibility for DDoS attacks that disrupted North Atlantic Treaty Organization earthquake relief operations in Turkey and Syria. The overwhelming majority of countries are providing humanitarian relief, but not so Russia, who has instead thought it was acceptable to disrupt NATO relief efforts. Even amid a dirty war in Ukraine with multiple reports of civilian massacres, interfering with earthquake relief efforts with tens of thousands of civilian deaths is a new low, even for Russia.
6. CISA Known Exploited Vulnerabilities Catalog Update – 3rd Update February 2023
The US CISA added the following actively exploited flaws to its Known Exploited Vulnerabilities Catalog: CVE-2022-46169, CVE-2023-21715, CVE-2023-23376, CVE-2023-21823, CVE-2023-23529
This brings end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on Facebook, Twitter, Instagram