Afternoon Dessert - 2022-08-05

Welcome to another Afternoon Dessert breakout:

DuckDuckGo browser now blocks all third-party Microsoft trackers
DuckDuckGo announced today that they will now be blocking all third-party Microsoft tracking scripts in their privacy browser after failing to block them in the past. [...]

Facebook finds new Android malware used by APT hackers
Meta (Facebook) has released its Q2 2022 adversarial threat report, and among the highlights is the discovery of two cyber-espionage clusters connected to hacker groups known as 'Bitter APT' and APT36 (aka 'Transparent Tribe') using new Android malware. [...]

Iranian Hackers Likely Behind Disruptive Cyberattacks Against Albanian Government
A threat actor working to further Iranian goals is said to have been behind a set of disruptive cyberattacks against Albanian government services in mid-July 2022. Cybersecurity firm Mandiant said the malicious activity against a NATO state represented a "geographic expansion of Iranian disruptive cyber operations." The July 17 attacks, according to Albania's National Agency of Information

Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage
A threat actor is said to have "highly likely" exploited a security flaw in an outdated Atlassian Confluence server to deploy a never-before-seen backdoor against an unnamed organization in the research and technical services sector. The attack, which transpired over a seven-day period during the end of May, has been attributed to a threat activity cluster tracked by cybersecurity firm Deepwatch

GitHub blighted by “researcher” who created thousands of malicious projects
If you spew projects laced with hidden malware into an open source repository, don't waste your time telling us "no harm done" afterwards.

S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
Latest episode - listen now! (Or read if that's what you prefer.)

Twitter confirms zero-day used to expose data of 5.4 million accounts
Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users' accounts, allowing a threat actor to compile a list of 5.4 million user account profiles. [...]

Hackers are actively exploiting password-stealing flaw in Zimbra
The Cybersecurity and Infrastructure Security Agency (CISA) has added the Zimbra CVE-2022-27824 flaw to its 'Known Exploited Vulnerabilities Catalog,' indicating that it is actively exploited in attacks by hackers. [...]

Slack resets passwords after exposing hashes in invitation links
Slack notified roughly 0.5% of its users that it reset their passwords after fixing a bug exposing salted password hashes when creating or revoking shared invitation links for workspaces. [...]

Traffic Light Protocol for cybersecurity responders gets a revamp
Traffic lights make a handy global metaphor for denoting the sensitivity of cybersecurity threat data - three colours that everyone knows.