Lunch Time Nibbles - 2022-10-27

Welcome to another Lunch Time breakout:

Australian Health Insurer Medibank Suffers Breach Exposing 3.9 Million Customers' Data
Australian health insurance firm Medibank on Wednesday disclosed that the personal information of all of its customers had been unauthorizedly accessed following a recent ransomware attack. In an update to its ongoing investigation into the incident, the firm said the attackers had access to "significant amounts of health claims data" as well as personal data belonging to its ahm health
Read more....

New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances
A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure overlapping with those associated with other groups like TeamTNT, which are known to strike misconfigured
Read more....

Apple iOS and macOS Flaw Could've Let Apps Eavesdrop on Your Conversations with Siri
A now-patched security flaw in Apple's iOS and macOS operating systems could have potentially enabled apps with Bluetooth access to eavesdrop on conversations with Siri. Apple said "an app may be able to record audio using a pair of connected AirPods," adding it addressed the Core Bluetooth issue in iOS 16.1 with improved entitlements. Credited with discovering and reporting the bug in August
Read more....

Online ticketing company “See” pwned for 2.5 years by attackers
Don't be a cybersecurity slowcoach - you need to spot possible attacks as soon as you can.
Read more....