Welcome to another Afternoon Dessert breakout:
Researchers Detail Windows Event Log Vulnerabilities: LogCrusher and OverLog
Cybersecurity researchers have disclosed details about a pair of vulnerabilities in Microsoft Windows, one of which could be exploited to result in a denial-of-service (DoS). The exploits, dubbed LogCrusher and OverLog by Varonis, take aim at the EventLog Remoting Protocol (MS-EVEN), which enables remote access to event logs. While the former allows "any domain user to remotely
Read more....
How the "pizza123" password could take down an organization
The breach, the bitter taste of pizza123, and the plight of malicious push notifications demand caution when selecting and managing passwords. [...]
Read more....
Zscaler outage causing heavy packet loss, connectivity issues
A Zscaler service outage is causing loss of connectivity, packet loss, and latency for customers, with no information available as to what is causing the disruption. [...]
Read more....
22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library
A high-severity vulnerability has been disclosed in the SQLite database library, which was introduced as part of a code change dating all the way back to October 2000 and could enable attackers to crash or control programs. Tracked as CVE-2022-35737 (CVSS score: 7.5), the 22-year-old issue affects SQLite versions 1.0.12 through 3.39.1, and has been addressed in version 3.39.2 released on July 21
Read more....
Hive Ransomware Hackers Begin Leaking Data Stolen from Tata Power Energy Company
The Hive ransomware-as-a-service (RaaS) group has claimed responsibility for a cyber attack against Tata Power that was disclosed by the company less than two weeks ago. The incident is said to have occurred on October 3, 2022. The threat actor has also been observed leaking stolen data exfiltrated prior to encrypting the network as part of its double extortion scheme. This allegedly comprises
Read more....
New Samsung Maintenance Mode protects your data during phone repairs
After a successful pilot program in Korea, Samsung is now rolling out 'Maintenance Mode' to select Galaxy devices globally, to help users protect their sensitive data when they hand over their smartphones at service points. [...]
Read more....
Massive cryptomining campaign abuses free-tier cloud dev resources
An automated and large-scale 'freejacking' campaign abuses free GitHub, Heroku, and Buddy services to mine cryptocurrency at the provider's expense. [...]
Read more....
VMware fixes critical Cloud Foundation remote code execution bug
VMware has released security updates today to fix a critical vulnerability in VMware Cloud Foundation, a hybrid cloud platform for running enterprise apps in private or public environments. [...]
Read more....
Dutch police arrest hacker who breached healthcare software vendor
The Dutch police have arrested a 19-year-old man in western Netherlands, suspected of breaching the systems of a healthcare software vendor in the country, and stealing tens of thousands of documents. [...]
Read more....
Microsoft: Vice Society targets schools with multiple ransomware families
A threat group known as Vice Society has been switching ransomware payloads in attacks targeting the education sector across the United States and worldwide. [...]
Read more....