Comments on: Cyber security news October 2022

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Nov 2022 07:55:13 +0000

Sources: Twitter froze some staff access to content moderation and policy enforcement tools, raising worries about a misinformation spike before the US midterms — Twitter Inc., the social network being overhauled by new owner Elon Musk, has frozen some employee access to internal tools used …
https://www.bloomberg.com/news/articles/2022-11-01/twitter-limits-content-enforcement-tools-as-us-election-looms

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Nov 2022 07:52:10 +0000

Musk Now Gets Chance to Defeat Twitter’s Many Fake Accounts
https://www.securityweek.com/musk-now-gets-chance-defeat-twitters-many-fake-accounts

Twitter’s unending fight against spam accounts is now a problem for new owner Elon Musk, who pledged in April to defeat the bot scourge or “die trying!”

He later cited bots as a reason to back out of buying the social platform. Now that the billionaire has completed the deal, he’s faced with the task of delivering on his promise to clean up the fake profiles that have preoccupied him and bedeviled Twitter since long before he expressed interest in acquiring it.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Nov 2022 07:51:47 +0000

Critical ConnectWise Vulnerability Affects Thousands of Internet-Exposed Servers
https://www.securityweek.com/critical-connectwise-vulnerability-affects-thousands-internet-exposed-servers

IT management software provider ConnectWise on Friday announced updates that patch a critical vulnerability which, according to cybersecurity professionals, exposes thousands of servers to attacks.

The flaw, described as “improper neutralization of special elements in output used by a downstream component”, affects the ConnectWise Recover backup and disaster recovery product (v2.9.7 and earlier), and the R1Soft server backup manager (v6.16.3 and earlier).

The issue is a critical remote code execution vulnerability. The vendor has assigned it a priority rating of 1, which indicates that the vulnerability is either being targeted by hackers or it’s at high risk of being exploited in the wild.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Nov 2022 07:50:19 +0000

Label Giant Multi-Color Corporation Discloses Data Breach
https://www.securityweek.com/label-giant-multi-color-corporation-discloses-data-breach

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Nov 2022 07:41:41 +0000

Rovaniemen kaupunki luopuu WhatsAppin käytöstä https://www.epressi.com/tiedotteet/kaupungit-ja-kunnat/rovaniemen-kaupunki-luopuu-whatsappin-kaytosta.html
Aiemmin kaupunki on suositellut WhatsAppin välttämistä.. Rovaniemen kaupunki on kieltänyt työntekijöiltään kaupallisten pikaviestisovellusten käytön työasioissa ja työntekijän laitteilla.
Kielto koskee esimerkiksi WhatsApp-, Signal- ja Telegram-sovelluksia sekä muita vastaavia kaupallisia pikaviestisovelluksia, joita ei ole erikseen hyväksytty käytettäväksi

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Nov 2022 07:41:13 +0000

UK officials call for investigation following reports that government hid Liz Truss phone hack https://therecord.media/uk-officials-call-for-investigation-following-reports-that-government-hid-liz-truss-phone-hack/
British opposition politicians are calling for an “urgent investigation” into allegations the government covered up a security incident in which the personal phone of Liz Truss, while serving as Foreign Secretary, was hacked by “agents suspected of working for Russian President Vladimir Putin.”. The attackers stole “up to a year’s worth of messages” as reported by the Mail on Sunday, including “highly sensitive discussions with senior international foreign ministers about the war in Ukraine, including detailed discussions about arms shipments.”

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Nov 2022 07:40:55 +0000

Fodcha DDoS Botnet Resurfaces with New Capabilities https://thehackernews.com/2022/10/fodcha-ddos-botnet-resurfaces-with-new.html
The threat actor behind the Fodcha distributed denial-of-service
(DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target, Qihoo 360′s Network Security Research Lab said in a report published last week. Fodcha first came to light earlier this April, with the malware propagating through known vulnerabilities in Android and IoT devices as well as weak Telnet or SSH passwords.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Nov 2022 07:40:26 +0000

Hacking group abuses antivirus software to launch LODEINFO malware https://www.bleepingcomputer.com/news/security/hacking-group-abuses-antivirus-software-to-launch-lodeinfo-malware/
The Chinese Cicada hacking group, tracked as APT10, was observed abusing security software to install a new version of the LODEINFO malware against Japanese organizations. The targeted entities are media groups, diplomatic agencies, government and public sector organizations, and think tanks in Japan, all high-interest targets for cyberespionage.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Nov 2022 07:40:09 +0000

Hackers selling access to 576 corporate networks for $4 million https://www.bleepingcomputer.com/news/security/hackers-selling-access-to-576-corporate-networks-for-4-million/
A new report shows that hackers are selling access to 576 corporate networks worldwide for a total cumulative sales price of $4, 000, 000, fueling attacks on the enterprise. The research comes from Israeli cyber-intelligence firm KELA which published its Q3 2022 ransomware report, reflecting stable activity in the sector of initial access sales but a steep rise in the value of the offerings.

By: Tomi Engdahl

Tomi Engdahl — Tue, 01 Nov 2022 07:39:50 +0000

October 31, 202211:12 AM GMT+2Last Updated 10 hours ago https://www.reuters.com/technology/cyber-officials-37-countries-13-companies-meet-ransomware-washington-2022-10-31/
Cyber officials from 37 countries, 13 companies to meet on ransomware in Washington. The White House will host officials from 37 countries and 13 global companies in Washington this week to address the growing threat of ransomware and other cyber crime, including the illicit use of cryptocurrencies, a senior U.S. official said. Countries participating in addition to the United States include: Australia, Austria, Belgium Brazil, Bulgaria, Canada, Croatia, Czech Republic, the Dominican Republic, Estonia, European Commission, France,.
Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Norway Poland, South Korea, Romania, Singapore, South Africa, Spain, Sweden, Switzerland, Ukraine, United Arab Emirates and Britain.