Welcome to the Cyber Watch series for today, July 14, 2023. At DigitalXForce, our Cyber Intelligence team curates a list of the latest cybersecurity news to keep you informed of stories that matter every week.
Last week, that is, July 8, 2023, we saw a massive increase in ransomware/malware attacks, with a major hit on Japan’s Nagoya Port and the discovery of Play Store “certified” spyware linked to China.
On the other hand, critical flaws such as the unauthenticated SQLi in MOVEit software and unpatched WordPress plugins made the news as hackers continue to exploit vulnerabilities.
Finally, the digital galaxy heaved a sigh of relief as Hackrate launched HackGATE – a new monitoring platform specifically designed for ethical hacking projects.
This week’s Cyber Watch list is a compilation of stories from 50+ relevant news sources across the web, all ranked according to risk impact. We encourage you to review these stories and take steps to protect your organization.
Tampa Bay Zoo Attacked By Royal Ransomware Gang
The Tampa Bay zoo (a.k.a. ZooTampa) has come under a chilling cyberattack, leaving its systems compromised and its digital infrastructure in disarray.
According to a report by The Record, ZooTampa was recently targeted in a cyberattack that could have put the safety of animals and visitors at risk. The zoo has since recovered, but this is a reminder that no organization is immune to cyber threats.
US Agency Suffers as China-linked Cyberattack Compromises Government Microsoft Emails
A recent Hacker News report leaves us with a shocking revelation: a new China-linked espionage campaign has targeted two dozen organizations, including U.S. government agencies.
The campaign has been using phishing emails to deliver malicious attachments that, once opened, can give the attackers access to the victim’s computer system. Get ready for the hair-raising details of this alarming breach that puts national security at stake!
FIRST Unveils a New CVSS Version
The Forum of Incident Response and Security Teams (FIRST) unveiled a new version of the Common Vulnerability Scoring System (CVSS 4.0) on July 13, 2023.
The new version, CVSS 4.0, is now the industry standard for assessing the severity of computer system security vulnerabilities. With a number of changes, CVSS 4.0 is designed to be more accurate and reflective of the current threat landscape.
Wireshark Foundation Releases Wireshark 4.0.7
Wireshark, the world’s most popular network packet analyzer, has released a new version that includes a number of security fixes and protocol updates. According to Cyber Security News, however, the release also comes with a warning that the new version could crash if users are using certain older versions of the software.
If you use this network analysis tool, this is a wake-up call to update your Wireshark software.
Threat Actors Unleash Attack on Ukraine and Poland with PicassoLoader Malware
A new malware called PicassoLoader was reported to have been used in ongoing attacks on government entities, military organizations, and civilians in Ukraine and Poland. The malware is designed to steal sensitive data and gain persistent remote access to infected systems.
According to The Hacker News, “The intrusion set, which stretches from April 2022 to July 2023, leverages phishing lures and decoy documents to deploy a downloader malware called PicassoLoader, which acts as a conduit to launch Cobalt Strike Beacon and njRAT.”
Furthermore, “some of the activities have been attributed to a threat actor called GhostWriter (aka UAC-0057 or UNC1151), whose priorities are said to align with the Belarusian government.”
White House Set to Implement National Cybersecurity Strategy
According to InfoSecurity Magazine, the Biden administration has published a new National Cybersecurity Strategy that shifts the burden of cybersecurity from individuals and small businesses to technology firms. This is a major shift in policy that could have far-reaching consequences for the future of cybersecurity in the United States.
As part of this groundbreaking plan, the US White House has set up an Office of the National Cyber Director (ONCD) to bolster the nation’s cybersecurity defenses and tackle the growing threats head-on.
HCA Healthcare Hacked: Patient Data Stolen and “On Sale” in USA
According to a recent CNBC report, HCA Healthcare has fallen victim to a major data breach, with millions of patients’ data stolen and put up for sale on the dark web by hackers. Verizon’s 2023 Data Breach Investigations Report revealed that the healthcare sector is a prime target for cyberattacks, with 66% of breaches caused by external threat actors.
HCA Healthcare is one of the largest healthcare providers in the USA. This is a major data breach that could have devastating consequences for patients. If you are a healthcare organization, consider implementing a robust cybersecurity program to identify and mitigate risks in your attack surface.
Another Critical Flaw Hits Fortinet and SonicWall
Brace up, folks! A jaw-dropping flaw in Fortinet’s FortiOS and FortiProxy has been exposed, leaving networks vulnerable to remote code execution attacks.
Cyber Security News reported that this critical, stack-based vulnerability in Fortinet’s FortiOS software, identified as CVE-2023-33308, could allow hackers to take control of your firewall and launch devastating attacks. The flaw has been exploited in the wild, so patch your systems now.
According to The Hacker News, “SonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information.”
QuickBlox SDK & API Flaws Wreak Havoc, Expose PII of Millions of Users
A critical API flaw in QuickBlox’s framework exposed the personal information of millions of users, including phone numbers, email addresses, and IP addresses. This is a major data breach that could have devastating consequences for users.
According to Security Week, “this joint research into QuickBlox demonstrates the potential scale of the threat from API flaws, especially where the flaw is in a framework used by multiple vendors and multiple applications.”
Undisclosed Breach: Revolut Loses $20 Million via Payment System
Hackers stole more than $20 million from Revolut, a popular digital banking app, by exploiting a flaw in the company’s payment systems. The attack is a reminder that even the most secure companies are vulnerable to cyberattacks.
Get ready to read more about this audacious cybercrime and the techniques used to siphon off such a colossal sum!
Crypto Fraud Announced in New York
A recent report revealed the case of an alleged father-and-son team who are accused of stealing some $10 million in crypto funds from around 20 victims. According to Cyber News, “Eugene Austin, 60, of Port Jefferson, New York, is accused of running fake cryptocurrency investment schemes between 2018 and 2021.”
The report further stated that “his son, Brandon, 27, of Coram, New York, entered a guilty plea in April this year, which was revealed by the US Department of Justice (DoJ) on July 12th.” Cryptocurrency fraud is on the rise in New York, with scammers using a variety of techniques to steal people’s money. Be aware of the risks and take steps to protect yourself.
That’s all for today. See you next week!