CyberIntelMag's Threat report

Weekly Cyber Threat Report, January 3-7, 2021

Welcome to CyberIntelMag’s weekly roundup! A place where you can find the most important stories in the cybersecurity world from the past week.

The good news: This week’s good news includes Microsoft releasing a fix for the Exchange Y2K22 bug, using electromagnetic emanations for detecting malware on IoT devices, HCL Technologies patching HCL DX flaws, FTC issuing alerts about Log4J attacks, effects of Log4J weaknesses being communicated by major security vendors, and much more.

  • Microsoft announced a solution for an issue (Y2K22) causing email messages to become stuck on its Exchange Server platforms, which it blamed on a date validation issue.
  • A novel strategy has been established that exploits electromagnetic field emanations from IoT devices as a side-channel to acquire specific information about distinct malware attacking embedded systems even when obfuscation tactics have been attempted to evade analysis.
  • Multiple server-side request forgery (SSRF) vulnerabilities were discovered in HCL Digital Experience (DX), which might lead to an RCE attack. HCL Technologies’ HCL Software eventually issued a security patch with remedies for an SSRF bug.
  • The Federal Trade Commission (FTC) has issued a warning that it’ll use its full legal authority if any US company fails to protect its customers’ data from current Log4J attacks.
  • This week, Google released a Chrome update for Windows, Mac, and Linux. It fixes 37 security issues, one of which was rated critical and ten of which were categorized as having a high severity rating.
  • The effect of the Log4j vulnerabilities has been communicated to clients by major organizations that provide industrial services and solutions.
  • An Italian man suspected of phishing attacks was arrested in New York for allegedly taking part in a multi-year conspiracy to unlawfully obtain hundreds of manuscripts before they were published.

The bad news: This week’s bad news includes PulseTV reporting theft of 200,000 credit card details, a vulnerability that allows email delivery via, a data breach at Broward Health, skimmers being injected into real estate websites, a video player being used to steal credit card data from websites, FreeRTOS having security flaws, and more.

  • A famous online store in the United States, PulseTV, disclosed a substantial credit card fraud campaign in which 200,000 shoppers were affected.
  • Uber’s email system has a weakness that allows anyone to send emails on the company’s behalf. This flaw can be exploited to email 57 million Uber riders and drivers whose personal information was stolen in a data hack in 2016.
  • Multiple vulnerabilities exist in the current firmware for Netgear Nighthawk R6700v3 routers. The most serious of these flaws allows a logged-in attacker to inject commands that are executed when the device checks for updates.
  • Broward Health, a public health organization in Florida, has announced a large-scale data breach. An attacker gained unauthorized access to the hospital’s network and the personal information of 1,357,879 people.
  • The websites of one of Portugal’s top newspapers and a major broadcaster, both owned by the country’s largest media conglomerate Impresa, were hacked in a ransomware attack.
  • Around seven out of ten Financial Service Institutions say that a breach of their backup or stored information would have a “significant” or “catastrophic” impact. Three out of five respondents have doubts about their capacity to recover from a ransomware attack.
  • An unknown cloud video platform was used to inject web skimmer malware into over 100 real estate websites belonging to the same corporate firm, as per Palo Alto Networks.
  • A ZLoader malware campaign steals user passwords and sensitive data via remote monitoring tools and a nine-year-old Microsoft digital signature verification flaw.
  • FreeRTOS, the open-source operating system that drives most small microprocessors and microcontrollers found in many IoT hardware devices, has been found to have security flaws in the TCP/IP stack.
  • According to FinalSite, a ransomware attack blocked access to websites for thousands of schools throughout the world. The sites were inaccessible or displayed errors.

About the author

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.