Welcome to CyberIntelMag’s weekly roundup, a place where you can find the most important stories in the cybersecurity world from the past week.
The Good News
This week’s good news includes Brussels planning to come up with guidelines for the cybersecurity of connected devices, Indonesia passing a personal data protection law, Abu Dhabi launching a campaign to increase cybersecurity awareness, protection against kernel exploits being included in Windows 11 22H2, and much more.
- The Cyber Resilience Act, unveiled in Brussels, aims to position itself as a global leader by mandating cybersecurity standards for all IoT products and informing customers about how the products they buy affect cybersecurity.
- Indonesia finally approved a personal data privacy law. This law will apply to domestic and foreign companies handling Indonesia’s consumer data.
- A program to raise awareness about cybersecurity was launched by the Abu Dhabi Digital Authority (ADDA) and Cyber Security Council with an aim to decrease cyber risks and threats.
- Version 22H2 of Microsoft’s security configuration baseline settings for Windows 11 is now available for download via the Microsoft Security Compliance Toolkit. It includes several changes to further strengthen security for enterprise clients.
- Mozilla released security updates to fix security flaws in Thunderbird, Firefox ESR, and Firefox. Some of these flaws might be used by an attacker to take over a vulnerable system. Users are advised to update their applications immediately.
The Bad News
This week’s bad news includes American Airlines disclosing the cause of a data breach, Uber blaming Lapsus$ for its security breach, Russian hackers distributing malware by presenting themselves as Ukrainian telecoms, an Excel document delivering multiple pieces of malware, a fake WhatsApp message duping an auto company in India, several eCommerce domains getting infected with skimmers, the Optus data breach affecting customers’ personal data, an Oracle cloud infrastructure bug exposing sensitive data, and much more.
- American Airlines notified customers of its latest data breach, in which hackers accessed extremely sensitive personal data by hacking an unknown number of employee email accounts.
- Uber blamed Lapsus$ for the security breach that hit it last week. The hacking gang apparently accessed many internal Uber systems following the theft of credentials from a third-party contractor.
- A hacker organization that predominantly attacked targets in Central America leaked around 10TB of emails and other documents from the police and military institutions of Chile, Mexico, El Salvador, Peru, and Colombia.
- Leading cryptocurrency market maker Wintermute lost around $160 million due to a hack. It is the latest company in the sector to suffer a breach.
- Recent studies reveal that cybercriminals linked to the Russian nation-state actor Sandworm have continued to attack Ukraine with generic malware while disguising themselves as telecom providers.
- It was discovered that an Excel document containing an embedded file might execute malicious code to deliver and run malware on a victim’s device, abusing the CVE-2017-11882 vulnerability.
- JBM Group, an Indian automobile company, was allegedly duped by a fraudster who sent fake WhatsApp messages to the company’s CFO in the name of its VC and got funds transferred to seven different bank accounts.
- An industrial control systems alert by the U.S. Cybersecurity and Infrastructure Security Agency revealed seven security weaknesses in Dataprobe’s iBoot-PDU power distribution unit device.
- Security specialists at Recorded Future discovered 569 e-commerce sites to be skimmer-infected, and 314 of those have been infiltrated by web skimmers that employ Google Tag Manager (GTM) containers.
- The New York Racing Association (NYRA) was the target of a cyberattack by the Hive ransomware operation. This attack on June 30, 2022, compromised member data and affected IT operations and website availability.
- Customers’ names, dates of birth, residences, and contact information were taken as a result of a significant cyberattack against Optus.
- Microsoft issued a warning about a consumer-facing attack that used rogue OAuth apps installed on infected cloud tenants to take over Exchange servers and eventually distribute spam.
- Cloud security company Wiz uncovered an Oracle Cloud Infrastructure (OCI) weakness that allows attackers to change customers’ storage volumes without authorization.