Cybersecurity News & Updates - August, 2023

Check out the latest updates on high vulnerabilities, data breaches and ransomware attacks.

High Vulnerabilities

Jupiter X Core WordPress plugin could let hackers hijack sites

Two vulnerabilities affecting some versions of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow hijacking accounts and uploading files without authentication. Jupiter X Core is an easy-to-use yet powerful visual editor, part of the Jupiter X theme, which is used in over 172,000 websites. Read more


Companies Respond to ‘Downfall’ Intel CPU Vulnerability

Several major companies have published security advisories in response to the recently disclosed Intel CPU vulnerability named Downfall. Discovered by Google researchers and officially tracked as CVE-2022-40982, Downfall is a side-channel attack method that allows a local attacker — or a piece of malware — to obtain potentially sensitive information such as passwords and encryption keys from the targeted device. Read more


Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking

Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into ATMs, upload arbitrary files, and even reboot the terminals. The shortcomings were discovered by the Synack Red Team (SRT) following a client engagement. The issues have been addressed in ScrutisWeb version 2.1.38. Read more


New WinRAR Vulnerability Could Allow Hackers to Take Control of Your PC

A high-severity security flaw has been disclosed in the WinRAR utility that could be potentially exploited by a threat actor to achieve remote code execution on Windows systems. Read more


Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity

Thousands of Openfire XMPP servers are unpatched against a recently disclosed high-severity flaw and are susceptible to a new exploit, according to a new report from VulnCheck. Tracked as CVE-2023-32315 (CVSS score: 7.5), the vulnerability relates to a path traversal vulnerability in Openfire's administrative console that could permit an unauthenticated attacker to access otherwise restricted pages reserved for privileged users. Read more


Ransomware Attacks

Danish cloud host says customers ‘lost all data’ after ransomware attack

Cloud host CloudNordic says most of its customers have “lost all data with us” following a ransomware attack on its data center systems, including its backups. The Denmark-based cloud company said the ransomware attack began Friday, during which cybercriminals “shut down all systems,” including its website and email, and encrypted customer systems and websites. Read more


Akira ransomware targets Cisco VPNs to breach organizations

There's mounting evidence that Akira ransomware targets Cisco VPN (virtual private network) products as an attack vector to breach corporate networks, steal, and eventually encrypt data. Akira ransomware is a relatively new ransomware operation launched in March 2023, with the group later adding a Linux encryptor to target VMware ESXi virtual machines. Read more


LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants

The leak of the LockBit 3.0 ransomware builder last year has led to threat actors abusing the tool to spawn new variants. Russian cybersecurity company Kaspersky said it detected a ransomware intrusion that deployed a version of LockBit but with a markedly different ransom demand procedure. Read more


Rhysida claims ransomware attack on Prospect Medical, threatens to sell data

The Rhysida ransomware gang has claimed responsibility for the massive cyberattack on Prospect Medical Holdings, claiming to have stolen 500,000 social security numbers, corporate documents, and patient records. The attack is believed to have occurred on August 3rd, with employees finding ransom notes on their screens stating that their network was hacked and devices encrypted. Read more


Data Breaches

Rising Concerns as Discord.io Data Breach Compromises 760,000 Users

Data breaches have become more common in recent years, despite an increased focus on cybersecurity. Discord.io is the latest company to fall victim to such an attack. Read more


UK’s Largest Police Force on Alert After Major Data Breach

London’s Metropolitan Police force said Sunday it was taking security measures after “unauthorized access to the IT system of one of its suppliers,” following data breaches at other forces. The company in question had access to the names, ranks, photos, vetting levels and pay numbers for officers and staff, but not addresses, phone numbers or financial details, it said. Read more


Mysterious Team Bangladesh Targeting India with DDoS Attacks and Data Breaches

A hacktivist group known as Mysterious Team Bangladesh has been linked to over 750 distributed denial-of-service (DDoS) attacks and 78 website defacements since June 2022. "The group most frequently attacks logistics, government, and financial sector organizations in India and Israel," Singapore-headquartered cybersecurity firm Group-IB said in a report shared with The Hacker News. Read more


Byju’s exposed sensitive student data, including loan details

Byju’s, the edtech giant and India’s most valuable startup, has fixed a server-side misconfiguration that was exposing sensitive data of its students. The Indian startup exposed some students’ names, phone numbers, addresses and email IDs. The exposed data also included loan details such as payouts, links to scanned documents and transactional information related to some students. Read more


The MOVEit mass hacks hold a valuable lesson for the software industry

The MOVEit mass hacks will likely go down in history as one of the largest and most successful cyberattacks of all time. By exploiting a vulnerability in Progress Software’s MOVEit managed file transfer service, used by thousands of organizations to securely transfer large amounts of often-sensitive files, hackers were able to inject SQL commands and access customers’ sensitive data. Read more
