Afternoon Dessert - 2022-08-11

Welcome to another Afternoon Dessert breakout:

Access to hacked corporate networks still strong but sales fall
Statistics collected by cyber-intelligence firm KELA during this year's second quarter show that marketplaces selling initial access to corporate networks have taken a blow. [...]

APIC/EPIC! Intel chips leak secrets even the kernel shouldn’t see…
If you've ever written code that left stuff lying around in memory when you didn't need it any more... we bet you've regretted it!

S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
Latest episode - listen now! (Or read the transcript if you prefer.)

Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang
Networking equipment major Cisco on Wednesday confirmed it was the victim of a cyberattack on May 24, 2022 after the attackers got hold of an employee's personal Google account that contained passwords synced from their web browser. "Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee's personal Google account," Cisco Talos said in a detailed write-up.

Hackers Behind Cuba Ransomware Attacks Using New RAT Malware
Threat actors associated with the Cuba ransomware have been linked to previously undocumented tactics, techniques and procedures (TTPs), including a new remote access trojan called ROMCOM RAT on compromised systems. The new findings come from Palo Alto Networks' Unit 42 threat intelligence team, which is tracking the double extortion ransomware group under the constellation-themed moniker 

UK NHS service recovery may take a month after MSP ransomware attack
Managed service provider (MSP) Advanced confirmed that a ransomware attack on its systems caused the disruption of emergency services (111) from the United Kingdom's National Health Service (NHS). [...]

FBI: Zeppelin ransomware may encrypt devices multiple times in attacks
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned US organizations today that attackers deploying Zeppelin ransomware might encrypt their files multiple times. [...]

Conti Cybercrime Cartel Using 'BazarCall' Phishing Attacks as Initial Attack Vector
Three different offshoots of the notorious Conti cybercrime cartel have resorted to the technique of call-back phishing as an initial access vector to breach targeted networks. "Three autonomous threat groups have since adopted and independently developed their own targeted phishing tactics derived from the call back phishing methodology," cybersecurity firm AdvIntel said in a Wednesday report.

Microsoft 365 version 2206 update pulled due to apps crashing
Microsoft has pulled the Microsoft 365 version 2206 update after users report their Office applications are crashing when viewing a contact card or hovering over a user's name or photo. [...]