Afternoon Dessert - 2022-07-20

Welcome to another Afternoon Dessert breakout:

3rd Party Services Are Falling Short on Password Security
Preventing the use of weak and leaked passwords within an enterprise environment is a manageable task for your IT department, but what about other services where end-users share business-critical data in order to do their work? They could be putting your organization at risk, and the team at Specops Software decided to see for sure. [...]

FBI recovers $500,000 healthcare orgs paid to Maui ransomware
The U.S. Department of Justice has announced the seizure of approximately $500,000 in Bitcoin, paid by American health care providers to the operators of the Maui ransomware strain. [...]

8 months on, US says Log4Shell will be around for “a decade or longer”
When it comes to cybersecurity, ask not what everyone else can do for you...

Last member of Gozi malware troika arrives in US for criminal trial
His co-conspirators went into and got out of prison years ago, while he remained free. Now the tables have turned...

Google Adds Support for DNS-over-HTTP/3 in Android to Keep DNS Queries Private
Google on Tuesday officially announced support for DNS-over-HTTP/3 (DoH3) for Android devices as part of a Google Play system update designed to keep DNS queries private. To that end, Android smartphones running Android 11 and higher are expected to use DoH3 instead of DNS-over-TLS (DoT), which was incorporated into the mobile operating system with Android 9.0. DoH3 is also an alternative to

New Rust-based Ransomware Family Targets Windows, Linux, and ESXi Systems
Kaspersky security researchers have disclosed details of a brand-new ransomware family written in Rust, making it the third strain after BlackCat and Hive to use the programming language. Luna, as it's called, is "fairly simple" and can run on Windows, Linux, and ESXi systems, with the malware banking on a combination of Curve25519 and AES for encryption. "Both the Linux and ESXi

LinkedIn remains the most impersonated brand in phishing attacks
LinkedIn is holding the top spot for the most impersonated brand in phishing campaigns observed during the second quarter of 2022. [...]

Google Calendar provides new way to block invitation phishing
The Google Workspace team announced today that it started rolling out a new method to block Google Calendar invitation spam, available to all customers, including legacy G Suite Basic and Business users. [...]

Cisco fixes bug that lets attackers execute commands as root
Cisco has addressed severe vulnerabilities in the Cisco Nexus Dashboard data center management solution that can let remote attackers execute commands and perform actions with root or Administrator privileges. [...]

Atlassian fixes critical Confluence hardcoded credentials flaw
Atlassian has patched a critical hardcoded credentials vulnerability in Confluence Server and Data Center that could let remote, unauthenticated attackers log into vulnerable, unpatched servers. [...]

Convincing ‘YouTube’ Google ads lead to Windows support scams
A scarily realistic-looking Google Search YouTube advertisement is redirecting visitors to tech support scams pretending to be security alerts from Windows Defender. [...]