Cybersecurity news provided by NetworkTigers on Monday, 14 March 2022.
SAN MATEO, CA — Ubisoft suffers “cyber security incident”, Alabama hospital discloses 2021 cyberattack, almost a third of critical WordPress plugin vulnerabilities don’t receive a patch, Anonymous leaks 360,000 Russian documents, pro-Ukraine hackers work on Russian data, Argentinian e-commerce giant latest to be struck by Lapsus$, TLStorm makes uninterruptible power supply devices vulnerable to hacking, Chinese hackers found to have compromised US government networks, Mozilla: update FireFox immediately, RagnarLocker ransomware hits over 50 US infrastructure firms, Anonymous continues cyber assault on Russian media, attackers can turn Amazon Echos against themselves.
Ubisoft suffers “cyber security incident”
Game developer Ubisoft has reset all employee passwords after experiencing what it has labeled a “cyber security incident” Extortion gang Lapsus$ has seemingly taken credit for the breach, although at this time it does not appear that whoever spearheaded the attack was able to steal the company’s proprietary data. Read more.
Alabama hospital discloses 2021 cyberattack
Alabama health facility Norwood Clinic has reported that a cyberattack in October of 2021 has compromised the data of 228,000 patients. It has not been disclosed if ransomware was used in the attack. All patients are being given free credit monitoring and dark web monitoring services. Read more.
Almost a third of critical WordPress plugin vulnerabilities don’t receive a patch
Patchstack, a leader when it comes to monitoring security threats within WordPress, has released a report that alarmingly states that 29% of the critical plugin bugs found in the world’s most popular content management platform go unpatched. A vast majority of these vulnerabilities, 91%, come from free plugins offered by third party developers. Read more.
Anonymous leaks 360,000 Russian documents
Hacktivist group Anonymous has hacked into a Russian federal database and released 360,000 documents. Roskomnadzor, the Russian agency tasked with media control and censorship, was targeted by the group and leaked information reveals that, unsurprisingly, Moscow is making efforts to control the narrative behind the conflict in Ukraine by censoring any reference to it as an “invasion.” Read more.
Pro-Ukraine hackers work on Russian data
A number of Russian cloud databases have been hacked and defaced with pro-Ukraine messaging according to research being done by Website Planet. Samples have revealed that the majority of misconfigured databases have had data deleted, exfiltrated and names changed to labels like “no war” and “HackedByUkraine.” Because of the nature of the activity, attributing the hacks to specific groups or entities is difficult. Read more.
Argentinian e-commerce giant latest to be struck by Lapsus$
MercadoLibre, a major Argentinian E-commerce company, has reported that it suffered a data breach that compromised its source code as well as information related to around 300,000 of its users. Extortion group Lapsus$, having recently attacked Samsung and Nvidia, appears to be responsible for the breach as they have included MercadoLibre on an online poll asking people which company’s data they would like to see the group leak next. Read more.
TLStorm makes uninterruptible power supply devices vulnerable to hacking
A group of zero-day vulnerabilities dubbed “TLStorm” has been discovered that can allow hackers to remotely control APC manufactured uninterruptible power supply (UPS) devices. UPS devices are critical pieces of hardware used in sectors such as government and healthcare where power disruptions can have disastrous consequences. A malicious actor could remotely cut power or burn a UPS out using the exploits. Read more.
Chinese hackers found to have compromised US government networks
Security research firm Mandiant has revealed that Chinese hacking group APT41 has infiltrated at least six US state government networks by leveraging Log4Shell and other vulnerabilities. Researchers could not say for sure if the intrusions were state sponsored or undertaken by APT41 on their own. The group has also been observed “re-compromising” environments by quickly customizing malware to adapt to detection. Read more.
Mozilla: update FireFox immediately
Mozila’s FireFox internet browser has been found to be harboring two critical vulnerabilities that have already been exploited in the wild by cybercriminals. Mozilla is urging all users of FireFox to update their software immediately to patch the vulnerability. The two bugs can lead to remote code execution if leveraged by threat actors. Read more.
RagnarLocker ransomware hits over 50 US infrastructure firms
The FBI has released a report that indicates that RagnarLocker, a ransomware variant that has been flying under the radar over the past two years, has compromised at least 52 critical national infrastructure (CNI) firms. RagnarLocker leaves some files alone as it encrypts others in the background, allowing the victim system to operate without detecting the ransomware’s presence. Read more.
Anonymous continues cyber assault on Russian media
Anonymous’ self-declared “cyber war” on Russia has seen the hacktivist group commandeer Russian streaming services. The services hacked by Anonymous have been showing news footage from outside of the isolated country, anti-war messages and more in an effort to reach the Russian people and inform them of their government’s aggression which is largely spun in Moscow’s favor via state controlled media outlets. Read more.
Attackers can turn Amazon Echos against themselves
Researchers have discovered an exploit that could allow an attacker to turn Amazon Echo smart speakers against themselves. The exploit makes it easy to use a victim’s Echo to unlock doors, operate connected devices and even make purchases. The attack works by connecting an Echo to a malicious actor’s Bluetooth devices and using the Amazon product’s speaker to communicate voice prompts to itself. Read more.
More cybersecurity news
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses, health care and government agencies globally. www.networktigers.com
NetworkTigers provides the latest industry and cybersecurity news in a weekly roundup at news.networktigers.com.