Afternoon Dessert - 2022-09-23

Welcome to another Afternoon Dessert breakout:

S3 Ep101: Uber and LastPass breaches – is 2FA all it’s cracked up to be? [Audio + Text]
Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...
Read more....

Researchers Uncover New Metador APT Targeting Telcos, ISPs, and Universities
A previously undocumented threat actor of unknown origin has been linked to attacks targeting telecom, internet service providers, and universities across multiple countries in the Middle East and Africa. "The operators are highly aware of operations security, managing carefully segmented infrastructure per victim, and quickly deploying intricate countermeasures in the presence of security
Read more....

Ukraine dismantles hacker gang that stole 30 million accounts
The cyber department of Ukraine's Security Service (SSU) has taken down a group of hackers that stole accounts of about 30 million individuals and sold them on the dark web. [...]
Read more....

Hackers Using Fake CircleCI Notifications to Hack GitHub Accounts
GitHub has put out an advisory detailing what may be an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. The Microsoft-owned code hosting service said it learned of the attack on September 16, 2022, adding the campaign impacted "many victim organizations." The fraudulent messages claim to
Read more....

Microsoft: Windows KB5017383 preview update added to WSUS by mistake
Microsoft says that KB5017383, this month's Windows preview update, has been accidentally listed in Windows Server Update Services (WSUS) and may lead to security update install problems in some managed environments. [...]
Read more....

Morgan Stanley fined millions for selling off devices full of customer PII
Critical data on old disks always seems inaccessible if you really need it. But when you DON''T want it back, guess what happens...
Read more....

Signal calls on users to run proxies for bypassing Iran blocks
Signal is urging its global community to help people in Iran stay connected with each other and the rest of the world by volunteering proxies to bypass the aggressive restrictions imposed by the Iranian regime. [...]
Read more....

Sophos warns of new firewall RCE bug exploited in attacks
Sophos warned today that a critical code injection security vulnerability in the company's Firewall product is being exploited in the wild. [...]
Read more....

npm packages used by crypto exchanges compromised
Multiple npm packages published by the crypto exchange, dYdX, and used by at least 44 cryptocurrency projects, appear to have been compromised. Powered by the Ethereum blockchain, dydX is a decentralized exchange platform offering perpetual trading options for over 35 popular cryptocurrencies including Bitcoin (BTC) and Ether (ETH). [...]
Read more....

YouTube outage: Live streams down for many around the world
YouTube is currently experiencing a worldwide outage, with thousands of reports saying they cannot access live streams. [...]
Read more....

UK Police arrests teen believed to be behind Uber, Rockstar hacks
The City of London police announced on Twitter today the arrest of a British 17-year-old teen suspected of being involved in recent cyberattacks. [...]
Read more....