
Cybersecurity news weekly roundup October 24, 2022

SAN MATEO, CA, October 24, 2022 — Cybersecurity news weekly roundup. Stories, news, politics, and events that impacted the network security industry last week. Brought to you by NetworkTigers.

“Text4Shell” Apache Commons Text vulnerability being actively exploited

Hackers have begun exploiting a flaw in WordPress via Apache Commons Text, according to researchers at Wordfence. Dubbed “Text4Shell” due to its similarity to Log4Shell, the exploit lets a hacker launch arbitrary code on vulnerable systems, paving the way for large-scale attacks. Users of Apache Commons Text are urged to upgrade to the newest version.

Improper Meta Pixel usage results in health system breach

Advocate Aurora Health (AAH) has notified patients across its 26 hospitals that their data has been exposed due to the use of Meta Pixel on the healthcare system’s websites. Meta Pixel tracks site users to help administrators determine how to make improvements, but it also sends data to Meta so the social media giant can show people targeted ads via Facebook. The improper use of Meta Pixel on hospital portals and websites means that protected health information is delivered to Meta, violating patients’ rights. AAH has disabled Meta Pixel on its websites and has provided a list of the patient data that has been potentially exposed.

Microsoft exposes customer data in Azure Blob Bucket misconfiguration

Stemming from a misconfigured Azure Blob Bucket, Microsoft has admitted that it accidentally exposed business transaction data that unauthorized actors could have accessed. The data included names, email addresses, phone numbers, and files related to current and prospective business transactions. Security researchers at SOCRadar reported that as many as 65,000 entities worldwide were affected, but Microsoft claims that this number is exaggerated. Microsoft fixed the misconfiguration hours after being made aware of it.

Hackers using new PowerShell backdoor for espionage

Initially not flagged as malicious by antivirus software, a new PowerShell backdoor used by hackers has been deemed to be designed for data exfiltration and espionage. The attack begins with a phishing email modeled after a LinkedIn job application that contains malicious macros. The macros create a task that mimics a routine Windows update but instead executes two PowerShell scripts.

SIM swapping attack results in Verizon prepaid customer breach

Verizon has notified its prepaid customers that hackers had used exposed credit card data to gain access to their accounts and make an unauthorized change to their SIM data. Verizon has reportedly blocked further access to customer accounts and has not seen evidence suggesting the attack is continuing. The attack seems to be contained to around 250 user accounts.

Bulgarian government websites suffer Russian DDoS attacks

Several websites associated with the Bulgarian government were at the receiving end of widespread DDoS attacks that disabled them. KillNet, a Russian hacker gang that has recently become more of a pro-Kremlin hacktivist organization, has claimed credit for the attacks, which are surely in response to Bulgaria’s support of Ukraine and its willingness to accept Ukrainians fleeing Russia’s attacks.

Nearly 900 servers were hacked using Zimbra zero-day flaw

A flaw within Zimbra Collaboration Suite that was left unpatched for almost a month and a half has led to almost 900 servers being hacked. The vulnerability allows even low-skilled hackers to send emails containing malicious code that plants a web shell in the ZCS server while skirting antivirus protections. Researchers at Kaspersky report that a range of APT groups has been at work exploiting the flaw.

Australia’s Optus cyberattack results in passport complications

Customers of Australian telecom Optus continue to feel the effects of a massive cyberattack against the company that exposed the personal data of over 100,000 customers. Optus has informed customers that their passports can no longer be used as online identification after the company asked the federal government to block them. Customers are displeased at Optus’s handling of the passport situation, as many use their passport as their primary form of ID, with some taking issue with the fact that Optus informed them of this development via an email sent on a Friday evening.


Derek Walborn
Derek Walborn is a freelance research-based technical writer. He has worked as a content QA analyst for AT&T and Pernod Ricard.
