Afternoon Dessert - 2022-10-17

Welcome to another Afternoon Dessert breakout:

Researchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages
New research has disclosed what's being called a security vulnerability in Microsoft 365 that could be exploited to infer message contents due to the use of a broken cryptographic algorithm. "The [Office 365 Message Encryption] messages are encrypted in insecure Electronic Codebook (ECB) mode of operation," Finnish cybersecurity company WithSecure said in a report published last week. Office 365
Read more....

Why Crypto Winter is No Excuse to Let Your Cyber Defenses Falter
Don’t let the ongoing “crypto winter” lull you into a false sense of cybersecurity. Even as cryptocurrencies lose value — and some crypto companies file for bankruptcy — cryptojacking still poses an urgent threat to enterprises across industries, from financial services to healthcare to industry 4.0 and beyond.  Broadly speaking, cryptojacking is defined as the unauthorized and illegitimate use
Read more....

New Prestige Ransomware Targeting Polish and Ukrainian Organizations
A new ransomware campaign targeted the transportation and logistics sectors in Ukraine and Poland on October 11 with a previously unknown payload dubbed Prestige. "The activity shares victimology with recent Russian state-aligned activity, specifically on affected geographies and countries, and overlaps with previous victims of the FoxBlade malware (also known as HermeticWiper)," the Microsoft
Read more....

Black Basta Ransomware Hackers Infiltrates Networks via Qakbot to Deploy Brute Ratel C4
The threat actors behind the Black Basta ransomware family have been observed using the Qakbot trojan to deploy the Brute Ratel C4 framework as a second-stage payload in recent attacks. The development marks the first time the nascent adversary simulation software is being delivered via a Qakbot infection, cybersecurity firm Trend Micro said in a technical analysis released last week. The
Read more....

Venus Ransomware targets publicly exposed Remote Desktop services
Threat actors behind the relatively new Venus Ransomware are hacking into publicly-exposed Remote Desktop services to encrypt Windows devices. [...]
Read more....

Ransomware attack halts circulation of some German newspapers
German newspaper 'Heilbronn Stimme' published today's 28-page issue in e-paper form after a Friday ransomware attack crippled its printing systems. [...]
Read more....

Police dismantles criminal ring that hacked keyless cars
Authorities from France, Latvia, and Spain arrested 31 suspects believed to be part of a car theft ring that targeted vehicles from two French car manufacturers. [...]
Read more....

Fashion brand SHEIN fined $1.9m for lying about data breach
Is "pay a small fine and keep on trading" a sufficient penalty for letting a breach happen, impeding an investigation, and hiding the truth?
Read more....

Serious Security: Microsoft Office 365 attacked over feeble encryption
How 2022 is your encryption?
Read more....

Windows Mark of the Web bypass zero-day gets unofficial patch
A free unofficial patch has been released through the 0patch platform to address an actively exploited zero-day flaw in the Windows Mark of the Web (MotW) security mechanism. [...]
Read more....

Australian insurance firm Medibank confirms ransomware attack
Health insurance provider Medibank has confirmed that a ransomware attack is responsible for last week's cyberattack and disruption of online services. [...]
Read more....