Welcome to CyberIntelMag’s weekly roundup! A place where you can find the most important stories in the cybersecurity world from the past week.
The Good News
This week’s good news includes WhatsApp allowing users to lock sensitive chats, a Chrome 113 security update fixing a critical weakness, Apple addressing three new zero-day vulnerabilities used to compromise iPhones and Macs, Google announcing a new rating system for Android and device vulnerability reports, and much more.
- Within WhatsApp, Meta debuted Chat Lock, a feature that enables users to shield private and delicate chats from prying eyes.
- Google made available a security patch for Chrome 113 that fixes a total of 12 vulnerabilities, one of which is classified as “critical.” External researchers found six of the errors.
- Apple fixed three new zero-day flaws that were being used in hacking attempts against iPads, Macs, and iPhones.
- Google said it is adding a new approach for evaluating the quality of bug reports to the Android and Google Devices Vulnerability Reward Program (VRP).
- The Department of Justice disclosed that a Wisconsin 18-year-old named Joseph Garrison was accused of breaking into the accounts of almost 60,000 users of the DraftKings sports betting website in November 2022.
The Bad News
This week’s bad news includes hackers attacking vulnerable WordPress sites using a public exploit, Linux and VMware ESXi systems being attacked by the new “MichaelKors” ransomware-as-a-service, PharMerica leaking 5.8M users’ PII and health information, Mustang Panda hackers from China using TP-Link routers to launch repeated attacks, hackers using the Azure serial console to gain covert access to VMs, MalasLocker malware demanding charitable donations from Zimbra servers, a worldwide outage of ASUS routers due to a faulty security update, millions of smartphones all over the world shipping with Guerrilla malware preloaded, and much more.
- Hackers are actively employing a proof-of-concept (PoC) attack for a newly fixed vulnerability in the WordPress Advanced Custom Fields plugin.
- Unmanaged Microsoft SQL (MS SQL) servers are the focus of a new effort that aims to spread the CLR SqlShell malware family, which in turn makes it easier to deploy ransomware and cryptocurrency miners.
- As of April 2023, the MichaelKors ransomware-as-a-service (RaaS) operation is the newest file-encrypting malware to target Linux and VMware ESXi systems.
- PharMerica Healthcare revealed that an unauthorized third party breached its networks at the beginning of this year, exposing the personal information of more than 5.8 million people who have passed away.
- Multiple flaws in Kiddoware’s “Parental Control – Kids Place” application for Android might allow attackers to upload arbitrary files to secured devices, steal user passwords, and let kids get around limitations without their parents knowing.
- Since January 2023, the Chinese nation-state actor known as Mustang Panda has been connected to a fresh round of highly sophisticated and narrowly focused strikes on European foreign policy institutions.
- An organized cyber gang known as “UNC3944” used phishing and SIM-swapping attacks to gain access to virtual machines and control over Microsoft Azure admin accounts.
- Credit Control Corporation (CCC), a provider of debt collection services, was recently the target of a cyber assault that resulted in a data breach that exposed the personal information of 286,699 people.
- Dozens of angry parents and patients sought explanations after an Oklahoma allergy clinic abruptly closed its doors and laid the blame for the unexpected closure on a cyberattack.
- A new ransomware operation hacked Zimbra servers to grab emails and encrypt data. Threat actors insist that to provide an encryptor and stop data leaking, they do not require a ransom payment but rather charitable donations.
- After being attacked by the Dunghill ransomware group, Gentex Corporation acknowledged that it had experienced a data breach, although it does not appear that the event had been previously reported.
- Customers of ASUS received an apology for a server-side security maintenance mistake that resulted in network connection issues for various affected router models.
- A preinstalled piece of malware (Guerrilla) gave a threat actor control over millions of smartphones dispersed throughout the globe, according to a warning from Trend Micro.