Cyber Threat Report: Cyber Security News for 04/13/23

Windows Zero-Day Exploited by Cybercriminals in Ransomware Attacks
The issue is an unspecified vulnerability in the CLFS driver that allows for privilege escalation. A local attacker can exploit this vulnerability to gain SYSTEM privileges. The vulnerability is easy to exploit and could be triggered without user interaction.

A “By-Design” Flaw in Microsoft Azure Can Allow Storage Account Takeover
A flaw in Microsoft Azure could be exploited by attackers to gain access to storage accounts, perform lateral movements, and even execute remote code.

Ex-employee Password Abuse: 10% Log Back in to ‘Disrupt’ Business, Report
47% of workers surveyed said they continued to access accounts such as email, software, and digital tools related to their past job.

Uber Data Targeted in Breach of Third-Party Law Firm
The incident was the third breach involving Uber data over a six-month period; the last two were the result of attacks on third parties related to Uber.

FTX Bankruptcy Filing Highlights Security Failures
Debtors claim that the defunct cryptocurrency exchange FTX lacked any dedicated security personnel and failed to implement critical access controls.

The Education Sector sees a 34% Increase in IoT Attacks
The education and research sector has experienced a sharp increase in attacks targeting Internet of Things devices with 131 weekly attacks per organization — more than twice the global average and a staggering 34% increase from the year before.

Two-Fifths of IT Pros Told to Keep Breaches Quiet
Over two-fifths (42%) of IT professionals have been told to keep a security breach under wraps, potentially inflaming regulatory compliance risk.

NTC Vulkan Leak Shows Evolving Russian Cyberwar Capabilities
Documents from a Russian intelligence subcontractor provide insight into the Kremlin's cyberwar objectives and potential long-term threats to Western organizations.

Microsoft’s War on Illicit Cobalt Strike Software is Part of a New Anti-Ransomware Front
Forked versions of the Cobalt Strike software have proliferated among cybercriminals and are attributed to a scourge of malware attacks.

Tracking Pixel Use Results in Data Breach at NY Hospital, 54K Impacted
The use of tracking and analytics tools on NewYork-Presbyterian Hospital’s public-facing website may have resulted in the exposure of patient information.

Apple Rushes Fixes for Exploited Zero-Days in iPhones and Macs
The vulnerabilities have been exploited in tandem to achieve full device compromise – with the likely (though not confirmed) goal to install spyware on target devices.

1M+ WordPress Sites Hacked via Zero-Day Plug-in Bugs
A wide-ranging campaign to inject malicious code into WordPress-run websites has been ongoing for at least five years.


This past week, a zero-day vulnerability tracked as CVE-2023-28252 was discovered in the Windows Common Log File System (CLFS) and is said to be actively exploited. The vulnerability allows attackers to gain full control of any system, including executing code remotely. This new exploit can have a major impact on businesses and individuals alike. Microsoft has since addressed the vulnerability by releasing security updates as part of its April 2023 Patch Tuesday. The security updates aim to fix the issue and improve the security of the affected systems.

In recent news, a security flaw in Microsoft Azure allowed a researcher to gain access to sensitive data. The vulnerability was found in Azure's platform-as-a-service (PaaS), which allows developers to build and deploy applications on Azure. The flaw gave the researcher access to the admin panel of Azure services, including databases and storage accounts, without proper authentication. Microsoft has since patched the vulnerability and awarded the researcher a bug bounty for their discovery. This incident highlights the importance of regular security assessments and bug bounties to identify and address potential security risks.

Get in touch with us to learn more about how the team of experts at JANUS can help protect your business effectively.