Round Up of Major Breaches and Scams
Microsoft is investigating a recently discovered issue that causes deleted emails to reappear in the inbox of Outlook.com accounts. The exact cause behind these undeletable Outlook.com emails is unclear, but the company says that it’s working on a fix to be deployed when a resolution is available. Until a solution is available, Microsoft does provide a workaround to get rid of any messages that keep coming back after being removed.
The cache of data sitting wide open on a server included full names, national ID numbers and credit card data. A wide range of sensitive information of millions of hotel guests has been discovered sitting on an unsecured server and accessible for anyone to view. The data was stored on a misconfigured Amazon Web Services (AWS) S3 bucket belonging to Prestige Software, a Spain-based company that sells hotel reservation management software.
Round Up of Major Malware and Ransomware Incidents
Zscaler says attacks involving the use of SSL/TLS encryption jumped 260% in the first nine months of 2020 compared to the same period last year. The fact that attackers hide malware inside encrypted traffic is not news any longer. What might be surprising, however, is just how much the practice has recently spiked due in part to the shift to remote work in the COVID-19 pandemic.
It’s a big week for gamers across the globe, with imminent, dueling releases of Xbox Series X and PlayStation PS5. However, an army of retail bots threatens to drive prices up to as much as three times the retail price, putting the coveted holiday gifts well out of reach of everyday fans. Retailers were quickly cleared out of Xbox inventory on its release day Tuesday. Best Buy sold theirs out quickly, priced at $499.99. There were plenty available on eBay though, with price tags more than double that price, several marked at over $1,000.
A team of academics disclosed today a new attack method that can extract data from Intel CPUs. Named Platypus, an acronym for “Power Leakage Attacks: Targeting Your Protected User Secrets,” the attack targets the RAPL interface of Intel processors. RAPL, which stands for Running Average Power Limit, is a component that allows firmware or software applications to monitor power consumption in the CPU and DRAM.
Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report. Attackers are using ads for fake Microsoft Teams updates to deploy backdoors, which use Cobalt Strike to infect companies’ networks with malware. Microsoft is warning its customers about the so-called “FakeUpdates” campaigns in a non-public security advisory, according to a report in Bleeping Computer.
Round Up of Major Vulnerabilities and Patches
Microsoft published fixes for 112 software vulnerabilities for its November Patch Tuesday, 17 of which have been rated critical. Of the remainder, 93 are rated important, and two are rated low severity. Fifteen Microsoft products are affected, including Microsoft Windows, Office, Internet Explorer, Edge (EdgeHTML and Chromium), ChakraCore, Exchange Server, Dynamics, Windows Codecs Library, Azure Sphere, Windows Defender, Teams, Azure SDK, Azure DevOps, and Visual Studio.
The Intel Support Assistant is the latest Windows utility to be found that could expose millions of computers to privilege-escalation attacks through file manipulation and symbolic links. Intel issued a patch on Nov. 10, fixing a vulnerability in the way the Intel Support Assistant interacts with files that could impact millions of Windows systems and could lead to privilege-escalation attacks.
A researcher reported ‘extraordinary’ vulnerabilities in Android TVs from TCL, the world’s 3rd largest TV manufacturer. Entertainment consumers are sticking with the television now more than ever, thanks to the built-in integration offered with apps such as Netflix. Riding this wave, TCL has become the 3rd largest manufacturer in the industry, beating a lot of noteworthy rivals. However, there is bad news too: a recent security report by the researcher found some serious vulnerabilities in TCL Android TVs.
The vulnerabilities in a common line of programmable logic controllers could allow attackers to gain control of industrial equipment. Researchers at Claroty have released new details on authentication and encryption vulnerabilities found in Schneider Electric programmable logic controllers (PLCs). The vulnerabilities, if exploited, could allow an attacker to exfiltrate data, modify code, and execute commands on operational technology (OT) and critical infrastructure systems.
Ubuntu developers have fixed a series of vulnerabilities that made it easy for standard users to gain coveted root privileges. “This blog post is about an astonishingly straightforward way to escalate privileges on Ubuntu,” Kevin Backhouse, a researcher at GitHub, wrote in a post published on Tuesday. “With a few simple commands in the terminal, and a few mouse clicks, a standard user can create an administrator account for themselves.”
Adobe addressed vulnerabilities in its Reader Mobile and Connect products, none of which is rated as critical severity. Adobe has released security patches to address vulnerabilities in its Reader Mobile and Connect products. “Adobe has published security bulletins for Adobe Connect (APSB20-69) and Adobe Reader Mobile (APSB20-71). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin,” reads the security advisory published by the company.
Cisco has released a security update to address a vulnerability in IOS XR Software for ASR 9000 Series Aggregation Services Routers. An unauthenticated, remote attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco security advisory and apply the necessary update.
Intel released 40 security advisories in total, addressing critical- and high-severity flaws across its Active Management Technology, Wireless Bluetooth and NUC products. A massive Intel security update this month addresses flaws across a myriad of products – most notably, critical bugs that can be exploited by unauthenticated cybercriminals in order to gain escalated privileges.