Welcome to CyberIntelMag’s weekly roundup! A place where you can find the most important stories in the cybersecurity world from the past week.
The Good News
This week’s good news includes the implementation of stricter rules for the physical and cyber resilience of critical networks and entities, Oracle launching its first security update for 2023, NIST releasing potential updates, flaws in OpenText ECM being addressed, and much more.
- The recent implementation of two significant directives on critical and digital infrastructure will increase the EU’s resilience to online and offline threats, such as cyberattacks, criminality, hazards to public health, and natural disasters.
- With 327 new security updates, Oracle released its first Critical Patch Update for 2023. More than 70 fixes deal with vulnerabilities of a critical nature.
- The National Institute of Standards and Technology declared its intention to update its Cybersecurity Framework document with a focus on ensuring that all economic sectors are included in cyberdefense.
- Federal officials detained the creator of Bitzlato, a cryptocurrency exchange they claim served as a haven for criminals with links to Russia who were selling drugs and ransomware on the dark web.
- The Enterprise Content Management (ECM) system from OpenText had many severe and high-impact vulnerabilities, including several that permit unauthenticated remote code execution. These have now been addressed.
- A total of four vulnerabilities in Drupal core and three plugins that might allow unauthorized access to data were fixed via software updates.
The Bad News
This week’s bad news includes hackers stealing clients’ secrets and encryption keys of CircleCI, Vice Society ransomware leaking the data from UDE, almost 300 MSI motherboards missing Secure Boot, NFT influencer’s crypto wallet being emptied by Google Ads malware, TP-Link and Netcomm routers having severe flaws, MailChimp reporting a new data breach, researchers warning about ChatGPT, hundreds of Yum Brands’ restaurants being closed in the UK because of ransomware, PayPal accounts being hacked in a widespread credential stuffing cyberattack, and much more.
- The famous software company CircleCI admitted that there was a data breach last month that led to the loss of some customer data. The hacker’s entry point was a laptop infected with malware and used by employees.
- Three malicious packages containing code to install info-stealing malware on developers’ workstations were posted by a threat actor to the PyPI (Python Package Index) repository.
- The servers hosting the software that controls the crewing and maintenance schedules of around 1,000 ships worldwide were taken down by a ransomware attack.
- The University of Duisburg-Essen (UDE) was reportedly attacked by the Vice Society ransomware gang. The threat actors made public documents that might have included essential details about the institution’s operations, students, and personnel.
- The Secure Boot process on approximately 300 distinct PC motherboard types made by Micro-Star International (MSI) is insecure.
- More than 4,000 Internet-connected Sophos Firewall devices might be affected by attacks aimed at a major remote code execution (RCE) vulnerability.
- An NFT influencer with the Twitter handle “@NFT_GOD” revealed that a malware cyberattack delivered through Google Ads cost thousands of dollars’ worth of non-fungible tokens (NFTs) and cryptocurrencies.
- Netcomm and TP-Link routers were found to contain security flaws, some of which might be exploited by a remote, unauthenticated attacker to execute code.
- Security experts warn that the recently released ChatGPT artificial intelligence bot from OpenAI might be exploited to introduce a new, hazardous wave of polymorphic malware.
- After hackers obtained access to an internal customer help and account management tool, the email marketing business MailChimp had a second breach that provided threat actors access to the data of 133 clients.
- Just a few months after numerous ministries were rendered inoperable by hackers employing the Conti ransomware in a broad-scale attack, Costa Rica’s government experienced another ransomware attack.
- Several hundred restaurants in the United Kingdom had to close due to a ransomware strike on the parent company of KFC and Taco Bell, Yum Brands.
- PayPal is sending data breach notifications to thousands of people whose accounts were compromised by credential-stuffing attacks that exposed some personal information.