Afternoon Dessert - 2022-07-21

Welcome to another Afternoon Dessert breakout:

Cisco Releases Patches for Critical Flaws Impacting Nexus Dashboard for Data Centers
Cisco on Wednesday released security patches for 45 vulnerabilities affecting a variety of products, some of which could be exploited to execute arbitrary actions with elevated permissions on affected systems. Of the 45 bugs, one security vulnerability is rated Critical, three are rated High, and 41 are rated Medium in severity.  The most severe of the issues are CVE-2022-20857, CVE-2022-20858,
Read more....

Apple Releases Security Patches for all Devices Fixing Dozens of New Vulnerabilities
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Read more....

The New Weak Link in SaaS Security: Devices
Typically, when threat actors look to infiltrate an organization's SaaS apps, they look to SaaS app misconfigurations as a means of entry. However, employees now use their personal devices, whether their phones or laptops, etc., to get their jobs done. If the device's hygiene is not up to par, it increases the risk for the organization and widens the attack surface for bad actors. And so,
Read more....

Hackers Use Evilnum Malware to Target Cryptocurrency and Commodities Platforms
The advanced persistent threat (APT) actor tracked as Evilnum is once again exhibiting signs of renewed activity aimed at European financial and investment entities. "Evilnum is a backdoor that can be used for data theft or to load additional payloads," enterprise security firm Proofpoint said in a report shared with The Hacker News. "The malware includes multiple interesting components to evade
Read more....

FBI Seizes $500,000 Ransomware Payments and Crypto from North Korean Hackers
The U.S. Department of Justice (DoJ) has announced the seizure of $500,000 worth of Bitcoin from North Korean hackers who extorted digital payments from several organizations by using a new ransomware strain known as Maui. "The seized funds include ransoms paid by healthcare providers in Kansas and Colorado," the DoJ said in a press release issued Tuesday. The recovery of the bitcoin ransoms
Read more....

Hackers Target Ukrainian Software Company Using GoMet Backdoor
A large software development company whose software is used by different state entities in Ukraine was at the receiving end of an "uncommon" piece of malware, new research has found. The malware, first observed on the morning of May 19, 2022, is a custom variant of the open source backdoor known as GoMet and is designed for maintaining persistent access to the network. "This access could be
Read more....

How Conti ransomware hacked and encrypted the Costa Rican government
Details have emerged on how the Conti ransomware gang breached the Costa Rican government, showing the attack's precision and the speed of moving from initial access to the final stage of encrypting devices. [...]
Read more....

Google blocks site of largest computing society for being ‘harmful’
Google Search and Drive are erroneously flagging links to Association for Computing Machinery (ACM) research papers and websites as malware. BleepingComputer has successfully reproduced the issue, first reported by researcher Maximilian Golla. [...]
Read more....

Apple patches “0-day” browser bug fixed 2 weeks ago in Chrome, Edge
One vendor's zero-day is another vendor's routine patch...
Read more....

New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
A never-before-seen Linux malware has been dubbed a "Swiss Army Knife" for its modular architecture and its capability to install rootkits. This previously undetected Linux threat, called Lightning Framework by Intezer, is equipped with a plethora of features, making it one of the most intricate frameworks developed for targeting Linux systems. "The framework has both passive and active
Read more....

Chrome zero-day used to infect journalists with Candiru spyware
The Israeli spyware vendor Candiru was found using a zero-day vulnerability in Google Chrome to spy on journalists and other high-interest individuals in the Middle East with the 'DevilsTongue' spyware. [...]
Read more....

S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]
Latest episode - listen, read or both!
Read more....

Ex-Coinbase manager charged in first crypto insider-trading case
The U.S. Department of Justice has charged a former Coinbase manager and two co-conspirators with wire fraud conspiracy and scheme to commit insider trading in cryptocurrency assets. [...]
Read more....