Afternoon Dessert - 2022-09-08

Welcome to another Afternoon Dessert breakout:

North Korean Lazarus Hackers Targeting Energy Providers Around the World
A malicious campaign mounted by the North Korea-linked Lazarus Group is targeting energy providers around the world, including those based in the United States, Canada, and Japan. “The campaign is meant to infiltrate organizations around the world for establishing long-term access and subsequently exfiltrating data of interest to the adversary’s nation-state,” Cisco Talos said in a report shared

North Korean Lazarus hackers take aim at U.S. energy providers
The North Korean APT group 'Lazarus' (APT38) is exploiting VMware Horizon servers to access the corporate networks of energy providers in the United States, Canada, and Japan. [...]

Classified NATO documents stolen from Portugal, now sold on darkweb
The Armed Forces General Staff agency of Portugal (EMGFA) has suffered a cyberattack that allegedly allowed the theft of classified NATO documents, which are now sold on the dark web. [...]

Over 80% of the top websites leak user searches to advertisers
Security researchers at Norton Labs have found that roughly eight out of ten websites featuring a search bar will leak their visitors' search terms to online advertisers like Google. [...]

S3 Ep99: TikTok “attack” – was there a data breach, or not? [Audio + Text]
Latest episode - listen now! (Or read if you prefer - full transcript inside.)

Microsoft: Iranian hackers encrypt Windows systems using BitLocker
Microsoft says an Iranian state-sponsored threat group it tracks as DEV-0270 (aka Nemesis Kitten) has been abusing the BitLocker Windows feature in attacks to encrypt victims' systems. [...]

Microsoft rolls out emergency fix for blocked Windows logins
Microsoft says a Windows 11 update released in late August is blocking customers from signing in with newly added Microsoft Account users after restarting or logging off systems running Windows 11, version 21H2. [...]

US recovers $30 million stolen from Axie Infinity by Lazarus hackers
With the help of blockchain analysts and FBI agents, the U.S. government seized $30 million worth of cryptocurrency stolen by the North Korean threat group 'Lazarus' from the token-based 'play-to-earn' game Axie Infinity earlier in the year. [...]

New Vulnerabilities Reported in Baxter's Internet-Connected Infusion Pumps
Multiple security vulnerabilities have been disclosed in Baxter's internet-connected infusion pumps used by healthcare professionals in clinical environments to dispense medication to patients. "Successful exploitation of these vulnerabilities could result in access to sensitive data and alteration of system configuration," the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said in