Vulnerability Summary for the Week of August 29, 2022

advancecomp — advancecomp Advancecomp v2.3 was discovered to contain a segmentation fault. 2022-08-29 not yet calculated CVE-2022-35019 MISC MISC advancecomp — advancecomp Advancecomp v2.3 was discovered to contain a segmentation fault. 2022-08-29 not yet calculated CVE-2022-35018 MISC MISC advancecomp — advancecomp Advancecomp v2.3 was discovered to contain a heap buffer overflow. 2022-08-29 not yet calculated […]

North Korean Lazarus Hackers Targeting Energy Providers Around the World

north-korean-lazarus-hackers-targeting-energy-providers-around-the-world

A malicious campaign mounted by the North Korea-linked Lazarus Group targeted energy providers around the world, including those based in the United States, Canada, and Japan, between February and July 2022. “The campaign is meant to infiltrate organizations around the world for establishing long-term access and subsequently exfiltrating data of interest to the adversary’s nation-state,” […]

Chinese Hackers Target Government Officials in Europe, South America, and Middle East

chinese-hackers-target-government-officials-in-europe,-south-america,-and-middle-east

A Chinese hacking group has been attributed to a new campaign aimed at infecting government officials in Europe, the Middle East, and South America with a modular malware known as PlugX. Cybersecurity firm Secureworks said it identified the intrusions in June and July 2022, once again demonstrating the adversary’s continued focus on espionage against governments […]

Shopify Fails to Prevent Known Breached Passwords

shopify-fails-to-prevent-known-breached-passwords

A recent report revealed that ecommerce provider, Shopify uses particularly weak password policies on the customer-facing portion of its Website. According to the report, Shopify’s requires its customers to use a password that is at least five characters in length and that does not begin or end with a space. According to the report, Specops […]

Hackers Repeatedly Targeting Financial Services in French-Speaking African Countries

hackers-repeatedly-targeting-financial-services-in-french-speaking-african-countries

Major financial and insurance companies located in French-speaking nations in Africa have been targeted over the past two years as part of a persistent malicious campaign codenamed DangerousSavanna. Countries targeted include Ivory Coast, Morocco, Cameroon, Senegal, and Togo, with the spear-phishing attacks heavily focusing on Ivory Coast in recent months, Israeli cybersecurity firm Check Point […]

Microsoft Warns of Ransomware Attacks by Iranian Phosphorus Hacker Group

microsoft-warns-of-ransomware-attacks-by-iranian-phosphorus-hacker-group

Microsoft’s threat intelligence division on Wednesday assessed that a subgroup of the Iranian threat actor tracked as Phosphorus is conducting ransomware attacks as a “form of moonlighting” for personal gain. The tech giant, which is monitoring the activity cluster under the moniker DEV-0270 (aka Nemesis Kitten), said it’s operated by a company that functions under […]

Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products

cisco-releases-security-patches-for-new-vulnerabilities-impacting-multiple-products

Cisco on Wednesday rolled out patches to address three security flaws affecting its products, including a high-severity weakness disclosed in NVIDIA Data Plane Development Kit (MLNX_DPDK) late last month. Tracked as CVE-2022-28199 (CVSS score: 8.6), the vulnerability stems from a lack of proper error handling in DPDK’s network stack, enabling a remote adversary to trigger […]

Some Members of Conti Group Targeting Ukraine in Financially Motivated Attacks

some-members-of-conti-group-targeting-ukraine-in-financially-motivated-attacks

Former members of the Conti cybercrime cartel have been implicated in five different campaigns targeting Ukraine from April to August 2022. The findings, which come from Google’s Threat Analysis Group (TAG), builds upon a prior report published in July 2022 detailing the continued cyber activity aimed at the Eastern European nation amid the ongoing Russo-Ukrainian […]

Authorities Shut Down WT1SHOP Site for Selling Stolen Credentials and Credit Cards

authorities-shut-down-wt1shop-site-for-selling-stolen-credentials-and-credit-cards

An international law enforcement operation has resulted in the dismantling of WT1SHOP, an online criminal marketplace that specialized in the sales of stolen login credentials and other personal information. The seizure was orchestrated by Portuguese authorities, with the U.S. officials taking control of four domains used by the website: “wt1shop[.]net,” “wt1store[.]cc,” “wt1store[.]com,” and “wt1store[.]net.” The […]

New Stealthy Shikitega Malware Targeting Linux Systems and IoT Devices

new-stealthy-shikitega-malware-targeting-linux-systems-and-iot-devices

A new piece of stealthy Linux malware called Shikitega has been uncovered adopting a multi-stage infection chain to compromise endpoints and IoT devices and deposit additional payloads. “An attacker can gain full control of the system, in addition to the cryptocurrency miner that will be executed and set to persist,” AT&T Alien Labs said in […]