Comments on: Cyber security news January 2023

By: Tomi Engdahl

Tomi Engdahl — Wed, 01 Feb 2023 08:41:25 +0000

Data Breaches
British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
https://www.securityweek.com/british-retailer-jd-sports-discloses-data-breach-affecting-10-million-customers/

JD Sports discovers unauthorized access to information from orders placed by customers between 2018 and 2020.

By: Tomi Engdahl

Tomi Engdahl — Wed, 01 Feb 2023 08:41:04 +0000

Russian Millionaire on Trial in Hack, Insider Trade Scheme
https://www.securityweek.com/russian-millionaire-on-trial-in-hack-insider-trade-scheme/

Russian Vladislav Klyushin made tens of millions of dollars by hacking into U.S. computer networks to steal insider information.

A wealthy Russian businessman and associates made tens of millions of dollars by cheating the stock market in an elaborate scheme that involved hacking into U.S. computer networks to steal insider information about companies such as Microsoft and Tesla, a prosecutor told jurors on Monday.

Vladislav Klyushin, the owner a Moscow-based information technology company with ties to the upper levels of the Russian government, is standing in trial in a Boston federal court nearly two years after he was arrested after landing in Switzerland on a private jet for a skiing trip.

He’s the only Russian national charged in the nearly $90 million scheme who has been arrested and extradited to the U.S.; four accused co-conspirators — including a Russian military intelligence officer who’s also been charged with meddling in the 2016 presidential election — remain at large.

By: Tomi Engdahl

Tomi Engdahl — Wed, 01 Feb 2023 08:40:37 +0000

GitHub Revokes Code Signing Certificates Following Cyberattack
https://www.securityweek.com/github-revokes-code-signing-certificates-following-cyberattack/

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

By: Tomi Engdahl

Tomi Engdahl — Wed, 01 Feb 2023 08:39:27 +0000

Vulnerabilities
Critical QNAP Vulnerability Leads to Code Injection
https://www.securityweek.com/critical-qnap-vulnerability-leads-to-code-injection/

QNAP warns users of a critical vulnerability that allows attackers to inject malicious code on NAS devices.

By: Tomi Engdahl

Tomi Engdahl — Wed, 01 Feb 2023 08:36:26 +0000

Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
https://www.securityweek.com/microsofts-verified-publisher-status-abused-in-email-theft-campaign/

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

By: Tomi Engdahl

Tomi Engdahl — Wed, 01 Feb 2023 08:27:54 +0000

Microsoft releases emergency updates to fix XPS display issues https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-updates-to-fix-xps-display-issues/
Microsoft has released out-of-band (OOB) updates for some .NET Framework and .NET versions to address XPS display issues triggered by December 2022 cumulative security updates. Users will experience null reference exceptions and images or glyphs displaying incorrectly when viewing XPS documents rendered using affected Windows Presentation Foundation (WPF) based apps

By: Tomi Engdahl

Tomi Engdahl — Wed, 01 Feb 2023 08:26:59 +0000

Pro-Russian DDoS attacks raise alarm in Denmark, U.S.
https://therecord.media/ddos-denmark-us-russia-killnet/
Distributed denial-of-service (DDoS) attacks by pro-Russian hacking groups are causing alarm in the U.S. and Denmark after several incidents affected websites of hospitals and government offices in both countries. On Tuesday, Denmark announced that it was raising its cyber risk alert level after weeks of attacks on banks and the countrys defense ministry

By: Tomi Engdahl

Tomi Engdahl — Wed, 01 Feb 2023 08:26:38 +0000

Riot Games refuses to pay ransom to avoid League of Legends leak https://www.malwarebytes.com/blog/news/2023/01/stolen-code-from-riot-games-already-being-auctioned-off
After confirming threat actors were able to steal some of its code, Riot Games has also revealed that it received a ransom email from its attacker. The attackers demanding $10 million to stop them leaking source code from League of Legend’s and other games

By: Tomi Engdahl

Tomi Engdahl — Wed, 01 Feb 2023 08:20:42 +0000

Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices https://thehackernews.com/2023/01/realtek-vulnerability-under-attack-134.html
Researchers are warning about a spike in exploitation attempts weaponizing a now-patched critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022. According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded
134 million exploit attempts as of December 2022, with 97% of the attacks occurring in the past four months

By: Tomi Engdahl

Tomi Engdahl — Tue, 31 Jan 2023 15:30:43 +0000

”Olemme kaapanneet tilisi” – Hannele Laurilta kiristettiin tänä aamuna rahaa julmalla viestillä, menetti elinkeinonsa
https://www.iltalehti.fi/viihdeuutiset/a/6431acae-9971-4392-bb81-c9f4c18ab94a

Hannele Laurin nyt jo poistuneella Instagram-käyttäjällä oli yli 22 tuhatta seuraajaa.

Näyttelijä Hannele Lauri sai tiistaina 31. tammikuuta pelottavan viestin puhelimeensa. Tuntematon numero kirjoitti Whatsapp-viestissä Laurille, että hänen täytyy lähettää rahaa tai hänen Instagram-tilinsä poistuu.

– Olemme kaapanneet tilisi. Jos haluat tilisi takaisin, joudut maksamaan. Ota yhteyttä, viestissä luki englanniksi.

Lauri ei suostunut kiristykseen, ja pian hän huomasi Instagram-tilinsä olevan poissa. Lauri kertoo Iltalehdelle olevansa todella raivoissaan tilanteen takia.