Afternoon Dessert - 2022-08-16

Welcome to another Afternoon Dessert breakout:

CS:GO trading site hacked to steal $6 million worth of skins
CS.MONEY, one of the largest platforms for trading CS:GO skins, has taken its website offline after a cyberattack allowed hackers to loot 20,000 items worth approximately $6,000,000. [...]
Read more....

The Benefits of Making Password Strength More Transparent
Google is in the process of developing a password strength indicator for its Chrome browser. The good news is that there is an easy way of starting users down the road to using strong passwords even before the new version of Chrome is released. [...]
Read more....

ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors
A group of researchers has revealed details of a new vulnerability affecting Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. Dubbed ÆPIC Leak, the weakness is the first-of-its-kind to architecturally disclose sensitive data in a manner that's akin to an "uninitialized memory read in the CPU itself." "In contrast to transient execution
Read more....

New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks
Cybersecurity researchers have elaborated a novel attack technique that weaponizes programmable logic controllers (PLCs) to gain an initial foothold in engineering workstations and subsequently invade the operational technology (OT) networks. Dubbed "Evil PLC" attack by industrial security firm Claroty, the issue impacts engineering workstation software from Rockwell Automation, Schneider
Read more....

New MailChimp breach exposed DigitalOcean customer email addresses
DigitalOcean is warning customers that a recent MailChimp security breach exposed the email addresses of some customers, with a small number receiving unauthorized password resets. [...]
Read more....

Zoom for Mac patches get-root bug – update now!
There's many a slip 'twixt the cup and the lip. Or at least between the TOC and the TOU...
Read more....

US offers reward “up to $10 million” for information about the Conti gang
Wanted - Reward Offered - Five unknown individuals (plus a man with a weird hat)
Read more....

Malicious browser extensions targeted almost 7 million people
Almost 7 million users have attempted to install malicious browser extensions since 2020, with 70% of those extensions used as adware to target users with advertisements. [...]
Read more....