Afternoon Dessert - 2022-08-02

Welcome to another Afternoon Dessert breakout:

Activists use torrents to spread uncensored news to Russian pirates
A team of Ukrainian cyber-activists has thought of a simple yet potentially effective way to spread uncensored information in Russia: bundling torrents with text and video files pretending to include installation instructions. [...]

EU missile maker MBDA confirms data theft extortion, denies breach
MBDA, one of the largest missile developers and manufacturers in Europe, has responded to rumors about a cyberattack on its infrastructure saying that claims of a breach of its systems are false. [...]

Microsoft announces new external attack surface audit tool
Microsoft has announced a new security product allowing security teams to spot Internet-exposed resources in their organization's environment that attackers could use to breach their networks. [...]

New 'ParseThru' Parameter Smuggling Vulnerability Affects Golang-based Applications
Security researchers have discovered a new vulnerability called ParseThru affecting Golang-based applications that could be abused to gain unauthorized access to cloud-based applications. "The newly discovered vulnerability allows a threat actor to bypass validations under certain conditions, as a result of the use of unsafe URL parsing methods built in the language," Israeli cybersecurity firm

Mobile store owner hacked T-Mobile employees to unlock phones
A former owner of a T-Mobile retail store in California has been found guilty of a $25 million scheme where he illegally accessed T-Mobile's internal systems to unlock and unblock cell phones. [...]

VMware urges admins to patch critical auth bypass bug immediately
VMware has warned admins today to patch a critical authentication bypass security flaw affecting local domain users in multiple products and enabling unauthenticated attackers to gain admin privileges. [...]

Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike
Researchers have disclosed a new offensive framework called Manjusaka that they call a "Chinese sibling of Sliver and Cobalt Strike." "A fully functional version of the command-and-control (C2), written in GoLang with a User Interface in Simplified Chinese, is freely available and can generate new implants with custom configurations with ease, increasing the likelihood of wider adoption of this

Wolf in sheep’s clothing: how malware tricks users and antivirus
One of the primary methods used by malware distributors to infect devices is by deceiving people into downloading and running malicious files, and to achieve this deception, malware authors are using a variety of tricks. [...]

Cryptocoin “token swapper” Nomad loses $200 million in coding blunder
Transactions were only approved, it seems, if they were initiated by... errrrr, by anyone.

Semiconductor manufacturer Semikron hit by LV ransomware attack
German power electronics manufacturer Semikron has disclosed that it was hit by a ransomware attack that partially encrypted the company's network. [...]