Let's Talk About IT (22) - 10th July 2024

Vulnerabilities

• Hackers Abused Twilio API To Verify Phone Numbers used For MFA
• Critical Citrix NetScaler Vulnerability Allows Attackers to Access Sensitive Information
• Hackers target WordPress calendar plugin used by 150,000 sites
• Critical MongoDB Compass Code Injection Flaw Exposes Systems to Hacking
• Critical OpenStack Arbitrary File Access Flaw Exposes Cloud Data to Hackers
• Blast Radius
• New Ransomware Group Exploiting Veeam Backup Software Vulnerability
• Cisco Warns of regreSSHion RCE Impacting Multiple Products
• Logsign Unified SecOps RCE Vulnerabilities Let Attackers Gain Control of the System
• Microsoft’s July Update Patches 143 Flaws, Including Two Actively Exploited
• Critical Zero-click RCE Vulnerability Impacts Microsoft Outlook Applications
• New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk
• RCE bug in widely used Ghostscript library now exploited in attacks
• PoC Exploit Released For Splunk Enterprise Local File Inclusion Vulnerability
• PoC Exploit Released for HTTP File Server Remote Code Execution Vulnerability

TTP

• Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
• Hackers Weaponizing Shortcut Files With Zero-day Tricks To Attack Windows Users
• Ticket Heist network of 700 domains sells fake Olympic Games tickets
• Hackers Leveraging Compiled V8 JavaScript In Wild To Deploy Malware
• X-Files Stealer Attacking Windows Users to Steal Passwords
• Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories
• New Ransomware-as-a-Service ‘Eldorado’ Targets Windows and Linux Systems
• Information Stealing Malware Distributed as AT tools & Chrome Extensions
• Hackers Weaponizing ScreenConnect Remote Access Client to Deliver AsyncRAT
• FakeBat Malware Weaponizing AnyDesk, Zoom, Teams & Chrome

Breaches

• Massive 9.4GB Twitter Data Leaked Online – 200 Million Records Exposed
• Twilio’s Authy App Breach Exposes Millions of Phone Numbers
• Microsoft Employees Data Exposed Via Third-Party Breach
• Fujitsu Cyber Attack: Customers’ Personal Information Exposed
• Roblox Data Breach: Email & IP address Details Exposed
• Teamviewer Discloses Investigation Update Following Cyber Attack
• Computer maker Zotac exposed customers’ RMA info on Google Search
• Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events
• 1.4 GB of NSA Data Leaked – Phone Numbers, Email Addresss & More Classified Data Exposed Online

Note worthy

• Google Adds Passkeys to Advanced Protection Program for High-Risk Users
• Avast releases free decryptor for DoNex ransomware and past variants
• Importing Let’s Encrypt SSL Certificates into OPNsense

Miscellaneous

• Windows Notepad Text Editor Gets Spell Check After 41 Years
• Threat Actor Claiming 2FA Bypass Vulnerability in HackerOne Platform

Stream Link

Let’s Talk About IT (22) Q&A, Cyber & IT News/July 10th 2024