TheCyberThrone Security Week In Review– June 10, 2023
Share this:
Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, June 10, 2023.
1. Google Fixes Third Chrome Zeroday
Google has released security updates to address a high severity vulnerability, tracked as CVE-2023-3079, in its Chrome web browser. The vulnerability is a type confusion issue that resides in the V8 JavaScript engine. Google is aware that the vulnerability is being actively exploited in the wild. The vulnerability has reported on June 1, 2023, it is likely that the flaw was exploited as part of an exploit used by a state-sponsored APT group.
2. BlackSuit Ransomware Dissection
Researchers have discovered a new ransomware family called BlackSuit, targeting both Windows and Linux users. It shares the similarities with the notorious Royal ransomware, which suggests it may be a new affiliate or reuse of Royal’s source code.
Researchers share the findings after analyzing a Windows 32-bit version and an ESXi 64-bit version of BlackSuit, and it appends the file extension .blacksuit to encrypted files and leaves a ransom note that includes information about the attack, a unique ID for the victim, and a TOR chat site link for communication. The malware operators use a data leak site to post leaked data in case a victim does not pay the ransom. Although, as of now, this leak site shows just a single victim.
SUBSCRIBE TO OUR BLOG TODAY !
We understand the importance of staying on top of the latest threats and vulnerabilities that can harm your digital life. You’ll receive the latest cybersecurity news, insights, resources, offers and analysis straight to your inbox every day
3. MoveIt Vulnerability Dissection
Moveit Vulnerability Exploited in Wild
Moveit Attributed to Lace Tempest
MoveIt Second New SQL Vulnerability ! Patch It
4. Anonymous Sudan Claims Responsible for Outlook Outages
On Monday 5th June 2023, there are wide-spread Microsoft Outlook outages, and it is claimed by hacktivist threat operation Anonymous Sudan to be caused by DDoS attacks.
Anonymous Sudan said that the DDoS attacks against Microsoft were in retaliation for the U.S. government’s involvement in the internal affairs of Sudan, even though Microsoft has attributed the outages to technical issues.
This brings end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on Facebook, Twitter, Instagram
