CyberSec Intel Thursday #3

December 23, 2021 - Welcome to CyberSec Intel Thursday (CIT)! More Log4j attack vectors along with scanning tools.

  • CISA releases an open-sourced Apache Log4j Scanner, derived from scanners created by other members of the open-source community, to help organizations identify potentially vulnerable web services affected by the Log4j vulnerabilities.

  • Microsoft patched two Active Directory domain service privilege escalation security flaws that, when combined, allow attackers to easily take over Windows domains.

  • UK Government shared 585 million compromised passwords with the Have I Been Pwned service, adding another 223 million passwords to the existing database.

  • Researchers found an insecure default behavior in Azure App Service exposing source code of some customer applications deployed using "Local Git."

  • 93% of Tested Networks Vulnerable to Breach - Data from dozens of penetration tests and security assessments suggest nearly every organization can be infiltrated by cyberattackers.

  • Russian National Extradited for Illegal Hacking & Trading - He faces charges related to his alleged involvement in an operation to trade on nonpublic information taken from US computer networks. Essentially, he made gains from stock positions by front-running SEC filings before their official public release.

  • Phishing incident causes data breach at West Virginia hospitals. Monongalia Health System, Inc., and its affiliated hospitals, Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company (collectively, "Mon Health"), announced that they recently investigated and addressed an email phishing incident and are now notifying individuals, including patients, providers, employees, and contractors, whose information may have been involved.

  • Gaming giant Ubisoft has confirmed a cyberattack on its IT infrastructure targeting the popular game Just Dance. Ubisoft has sold millions of copies of Just Dance since it debuted in 2009.

  • $30 million stolen from Grim Finance, and the smart contract audit firm blames the incident on a new hire - "This audit was performed by an analyst who was new to the team... unfortunately this issue was not caught in our peer review process."