Afternoon Dessert - 2022-07-06

Welcome to another Afternoon Dessert breakout:

OpenSSL Releases Patch for High-Severity Bug that Could Lead to RCE Attacks
The maintainers of the OpenSSL project have released patches to address a high-severity bug in the cryptographic library that could potentially lead to remote code execution under certain scenarios. The issue, now assigned the identifier CVE-2022-2274, has been described as a case of heap memory corruption with RSA private key operation that was introduced in OpenSSL version 3.0.4 released on

Hackers Abusing BRc4 Red Team Penetration Tool in Attacks to Evade Detection
Malicious actors have been observed abusing legitimate adversary simulation software in their attacks in an attempt to stay under the radar and evade detection. Palo Alto Networks Unit 42 said a malware sample uploaded to the VirusTotal database on May 19, 2022, contained a payload associated with Brute Ratel C4, a relatively new sophisticated toolkit "designed to avoid detection by endpoint

HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains
Vulnerability coordination and bug bounty platform HackerOne on Friday disclosed that a former employee at the firm improperly accessed security reports submitted to it for personal gain. "The person anonymously disclosed this vulnerability information outside the HackerOne platform with the goal of claiming additional bounties," it said. "In under 24 hours, we worked quickly to contain the

US govt warns of Maui ransomware attacks against healthcare orgs
The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. [...]

Google patches “in-the-wild” Chrome zero-day – update now!
Running Chrome? Do the "Help-About-Update" dance move right now, just to be sure...

Marriott confirms data breach and a failed extortion attempt
Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files. [...]

OpenSSL fixes two “one-liner” crypto bugs – what you need to know
"As bad as Heartbleed"? We heard that concern a week ago, but we think it's less ungood than that...

NIST Announces First Four Quantum-Resistant Cryptographic Algorithms
The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) has chosen the first set of quantum-resistant encryption algorithms that are designed to "withstand the assault of a future quantum computer." The post-quantum cryptography (PQC) technologies include the CRYSTALS-Kyber algorithm for general encryption, and CRYSTALS-Dilithium, FALCON, and SPHINCS+ for digital

Ransomware gangs, APT groups ditch Cobalt Strike for Brute Ratel
APT hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions. [...]

Apple’s new Lockdown Mode defends against government spyware
Apple announced that a new security feature known as Lockdown Mode will roll out with iOS 16, iPadOS 16, and macOS Ventura to protect high-risk individuals like human rights defenders, journalists, and dissidents against targeted spyware attacks. [...]