Blog
LATEST CYBERTHREATS AND ADVISORIES - November 4, 2022
Cyberattacks on Dropbox, Europe’s biggest copper producer and another Australian business make this week’s headlines. Here are the latest threats and advisories for the week of November 4, 2022.
Threat Advisories and Alerts
Google Chrome Suffers Seventh Zero-Day Vulnerability of the Year
Google has released an emergency update for its Chrome web browser to address its seventh zero-day vulnerability (CVE-2022-3723) of the year. If the security flaw is exploited, attackers could perform remote code execution, access memory regions that could crash applications or read sensitive information of other apps. Google Chrome users are advised to update their browsers immediately.
Source: https://thehackernews.com/2022/10/google-issues-urgent-chrome-update-to.html
Patches Released for Two High-Severity OpenSSL Vulnerabilities
The popular cryptography library OpenSSL has released an update to address high-severity vulnerabilities CVE-2022-3602 and CVE-2022-3786. The flaws could cause a denial of service or remote code execution, which could ultimately allow a threat actor to take control of a user’s system. Users and admins are encouraged to upgrade to OpenSSL 3.0.7.
Source: https://www.cisa.gov/uscert/ncas/current-activity/2022/11/01/openssl-releases-security-update
Emerging Threats and Research
FTC Sues EdTech Giant Chegg for Repeated Breaches
Education technology company Chegg has been sued by the U.S. Federal Trade Commission (FTC) for exposing the information of millions of employees and customers because of four breaches since 2017. According to the FTC, Chegg “took shortcuts with millions of students’ sensitive information” and the breaches were a result of poor security practices. The FTC’s proposed order would require Chegg to limit collected and stored customer data, implement multifactor authentication for users and allow customers to access and delete their data.
ForceNet Joins Growing List of Victims in Australian Cyberattack Spree
The recent surge in cyberattacks on Australian businesses continues this week with a ransomware attack on ForceNet, a company that provides communication services for Australia’s defense department. While the extent of the attack is unknown, some private data like birth dates and enlistment details of military personnel may have been stolen. ForceNet is the latest victim in a series of cyberattacks that have left the Australian business community reeling . Optus, Medibank, MyDeal and other companies have also suffered breaches in the past few months.
Source: https://www.infosecurity-magazine.com/news/ransomware-australian-defence/
Cyberattack Hits Europe’s Biggest Copper Producer
The world’s largest recycler of metal and second largest copper producer Arubis was hit by a cyberattack last Friday evening, forcing its IT systems offline. While it’s unclear how the incident affected production, the Hamburg-headquartered business is working on solutions to make the company’s full range of services available again next week. Though Arubis has not commented on the type of cyberattack that took place, the event shows typical signs of ransomware.
Source: https://www.infosecurity-magazine.com/news/europes-biggest-copper-producer/
130 GitHub Repositories Stolen in DropBox Phishing Attack
DropBox has announced that it was successfully phished last month. While no passwords or payment information was accessed, 130 of its private GitHub code repositories were copied and some of the company’s secret API credentials were swiped. The attack occurred when a phisher impersonated the code integration and delivery platform CircleCI. Dropbox believes the risk to customers from the attack is minimal.
Source: https://www.theregister.com/2022/11/01/dropbox_phishing_code_leak/
Microsoft Dynamics 365 suite misused to phish users
Researchers from cloud email security vendor Avanan are reporting that attackers are misusing Microsoft Dynamics 365 Customer Voice to evade email filters and deliver phishing emails into Microsoft users’ inboxes. The emails contain a legitimate Customer Voice link from Microsoft and points to a standard Microsoft page, enough to get past email filters and security scanners. Clicking on the “Play Voicemail” button included on this page redirects users to a spoofed Microsoft login page.
Source: https://www.helpnetsecurity.com/2022/11/04/microsoft-dynamics-365-phishing/
To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog. Please share other alerts and threat discoveries you’ve encountered and join the conversation on the (ISC)² Community Industry News board.