Afternoon Dessert - 2022-08-22

Welcome to another Afternoon Dessert breakout:

Meet Borat RAT, a New Unique Triple Threat
Atlanta-based cyber risk intelligence company, Cyble discovered a new Remote Access Trojan (RAT) malware. What makes this particular RAT malware distinct enough to be named after the comic creation of Sacha Baron Cohen? RAT malware typically helps cybercriminals gain complete control of a victim's system, permitting them to access network resources, files, and power to toggle the mouse and
Read more....

"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered
Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "as nasty as Dirty Pipe." Dubbed DirtyCred by a group of academics from Northwestern University, the security weakness exploits a previously unknown flaw (CVE-2022-2588) to escalate privileges to the maximum level. "DirtyCred is a kernel exploitation concept that swaps unprivileged 
Read more....

LockBit ransomware blames Entrust for DDoS attacks on leak sites
The LockBit ransomware operation's data leak sites have been shut down over the weekend due to a DDoS attack telling them to remove Entrust's allegedly stolen data. [...]
Read more....

Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts
Budget Android device models that are counterfeit versions associated with popular smartphone brands are harboring multiple trojans designed to target WhatsApp and WhatsApp Business messaging apps. The trojans, which Doctor Web first came across in July 2022, were discovered in the system partition of at least four different smartphones: P48pro, radmi note 8, Note30u, and Mate40, was "These
Read more....

Greek natural gas operator suffers ransomware-related data breach
Greece's largest natural gas distributor DESFA confirmed on Saturday that they suffered a limited scope data breach and IT system outage following a cyberattack. [...]
Read more....

SpaceX Starlink 'train' of satellites illuminates Northwest skies
Residents of Northwestern parts of the U.S. and Canada were baffled at seeing a bright trail of lights—almost like a train flying through the skies over the weekend. The mystery seems to have now been resolved. And, it's not the aliens. This moving cluster comprises SpaceX's 53 Starlink satellites launched from Florida this Friday. [...]
Read more....

Laptop denial-of-service via music: the 1980s R&B song with a CVE!
We haven't validated this vuln ourselves... but the source of the story is impeccable. (Impeccably dressed, at least.)
Read more....

Misconfigured Meta Pixel exposed healthcare data of 1.3M patients
U.S. healthcare provider Novant Health has disclosed a data breach impacting 1,362,296 individuals who have had their sensitive information mistakenly collected by the Meta Pixel ad tracking script. [...]
Read more....

FBI warns of residential proxies used in credential stuffing attacks
The Federal Bureau of Investigation (FBI) warns of a rising trend of cybercriminals using residential proxies to conduct large-scale credential stuffing attacks without being tracked, flagged, or blocked. [...]
Read more....