Afternoon Dessert - 2022-08-10

Welcome to another Afternoon Dessert breakout:

Hackers Behind Twilio Breach Also Targeted Cloudflare Employees
Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal and work phones bearing similar characteristics as that of the sophisticated phishing attack against Twilio. The attack, which transpired around the same time Twilio was targeted, came from four phone numbers associated with T-Mobile-issued SIM cards
Read more....

Experts Uncover Details on Maui Ransomware Attack by North Korean Hackers
The first ever incident possibly involving the ransomware family known as Maui occurred on April 15, 2021, aimed at an unnamed Japanese housing company. The disclosure from Kaspersky arrives a month after U.S. cybersecurity and intelligence agencies issued an advisory about the use of the ransomware strain by North Korean government-backed hackers to target the healthcare sector since at least
Read more....

Microsoft 365 outage triggered by Meraki firewall false positive
An ongoing outage affects multiple Microsoft 365 services, blocking users from connecting to Exchange Online, Microsoft Teams, Outlook desktop clients, and OneDrive for Business. [...]
Read more....

Former Twitter Employee Found Guilty of Spying for Saudi Arabia
A former Twitter employee has been pronounced guilty for his role in digging up private information pertaining to certain Twitter users and turning over that data to Saudi Arabia. Ahmad Abouammo, 44, was convicted by a jury after a two-week trial in San Francisco federal court, Bloomberg reported Tuesday. He faces up to 20 years in prison when sentenced. The verdict comes nearly three years
Read more....

Google now blocks Workspace account hijacking attempts automatically
Google Workspace (formerly G Suite) now comes with stronger protections for risky account actions, automatically blocking hijacking attempts with identity verification prompts and logging them for further investigation. [...]
Read more....

Phishing attack abuses Microsoft Azure, Google Sites to steal crypto
A new large-scale phishing campaign targeting Coinbase, MetaMask, Kraken, and Gemini users is abusing Google Sites and Microsoft Azure Web App to create fraudulent sites. [...]
Read more....

APIC/EPIC! Intel chips leak secrets even the kernel shouldn’t see…
If you've ever written code that left stuff lying around in memory when you didn't need it any more... we bet you've regretted it!
Read more....

Cisco fixes bug allowing RSA private key theft on ASA, FTD devices
Cisco has addressed a high severity vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. [...]
Read more....

Hacker uses new RAT malware in Cuba Ransomware attacks
A member of the Cuba ransomware operation is employing previously unseen tactics, techniques, and procedures (TTPs), including a novel RAT (remote access trojan) and a new local privilege escalation tool. [...]
Read more....