Welcome to CyberIntelMag’s weekly roundup! A place where you can find the most important stories in the cybersecurity world from the past week.
The Good News
This week’s good news includes SickKids hospital getting a free decryptor from a ransomware gang, HarmonyOS from Huawei having around 300 vulnerabilities addressed, Synology routers getting severe bugs addressed, Lenovo BIOS and Qualcomm chipsets getting security updates, and much more.
- The LockBit ransomware group gave the Hospital for Sick Children (SickKids) a free decryptor after one of its members reportedly breached the law by attacking the facility.
- Multiple security weaknesses in Qualcomm’s chipsets were patched by the company, some of which may be used to corrupt memory and leak information. The flaws also affect Lenovo ThinkPad X13s notebooks, which led the PC manufacturer to provide BIOS patches to fix the security gaps.
- An analysis revealed that HarmonyOS had more than 290 security weaknesses that were resolved in 2022, including around 100 that affected third-party libraries.
- Customers of Taiwan-based Synology, a networking and storage solutions provider, were alerted about the availability of fixes for many serious issues, including ones that were probably exploited at the Pwn2Own hacking competition.
- All new items added to Amazon Simple Storage Service (S3) buckets will now be automatically encrypted server-side using AES-256 by default.
The Bad News
This week’s bad news includes the PyTorch Machine Learning framework being exploited, ransomware attacks impacting more than 200 government, education, and healthcare organizations in 2022, the Infosec community being targeted via continuous Flipper Zero phishing attacks, Raspberry Robin worm attacking the European insurance and financial sectors, new Linux malware installing cryptominers and DDoS bots, burger chain Five Guys disclosing data leak, and much more.
- Torchtriton, a dependency of PyTorch-nightly Linux packages installed using pip during that time, launched a malicious binary after being hacked on the PyPI code repository.
- Chinese-speaking scammers have been persistently preying on Chinese international students in the U.K. for more than a year as part of a scheme known as RedZei (aka RedThief).
- More than 200 larger U.S. public sector organizations in the government, education, and healthcare sectors were affected by ransomware attacks in 2022.
- Over half a million Indian job seekers’ personal information was exposed on an Elasticsearch server owned by a prominent multinational I.T. recruiting and software solution company.
- The increased interest among security professionals in Flipper Zero is being exploited by a new phishing effort to steal their cryptocurrency holdings and personal data.
- The Raspberry Robin worm targeted the financial and insurance sectors in Europe, and the malware is still evolving its post-exploitation capabilities while evading detection.
- Sensitive data stolen from a Colombian cooperative bank was being used as bait in phishing emails by a new malware campaign to install the remote access trojan BitRAT.
- The Queensland University of Technology was the target of a cyberattack. The Royal ransomware gang had taken credit for it and started leaking information acquired during the security breach.
- A new Linux malware downloader that spreads DDoS IRC bots and Monero cryptocurrency miners was developed using SHC (Shell Script Compiler). The SHC loader was employed in cyberattacks in Korea that frequently targeted Linux systems.
- Wabtec Corporation, a manufacturer of rail and locomotives in the United States, acknowledged a data breach that happened in June and resulted in losing customers’ sensitive and personal data.
- The U.S. burger chain Five Guys acknowledged a cybersecurity issue that affected job applications and may result in legal action. The company started alerting customers and authorities about the incident on December 29.
- Hackers exposed private information from 14 U.K. schools online due to cyberattacks occurring in 2022. Children’s SEN data, student passport scans, employee pay scales, and contract information were included in the leaked records.
- Seven security specialists discovered several bugs in cars manufactured by 16 different automakers, including flaws that allow control of a car’s features and starting or stopping its engine.