Cyber Threat Report

Cyber Threat Report: Cyber Security News for 12/22/22

A New Microsoft Exchange Flaw is Being Used to Attack Servers
Delivers remote access tools and remote administration software. The exploit chain also bypasses mitigations.

Russian Killnet Hackers Claim Data Theft of FBI Agents
On Telegram, Killnet hackers have leaked a text file showing the login credentials of 10,000 individuals whom they claim are FBI agents.

Cyber Command Conducted Offensive Operations to Protect Midterm Elections
Cyber Command executed so-called “full spectrum” operations to safeguard the latest U.S. election.

Subcontractor Breach Affects 245K Medicare Beneficiaries
CMS: Vendor 'Violated Obligations' to Agency; New Medicare Cards, IDs Being Issued

Cisco Warns of Many Old Vulnerabilities Being Exploited in Attacks
Cisco has updated multiple security advisories to warn of the malicious exploitation of severe vulnerabilities impacting its networking devices.

US Puts 3 Dozen More Chinese Companies on Trade Blacklist
The U.S. Department of Commerce is adding 36 Chinese high-tech companies, including makers of aviation equipment, chemicals, and computer chips, citing concerns over national security, U.S. interests, and human rights.

Hacker Halts Sale of FBI’s High-Profile InfraGard Database
The InfraGard database containing the personal details of 87,000 members was initially being sold for $50,000 on a cybercrime and hacking forum.

DraftKings Data Breach Impacts Personal Information of 68,000 Customers
The incident, initially disclosed in November, was the result of a credential stuffing attack and not a breach of DraftKings’ systems, the company says.

FCC Proposes Record $300 Million Fine Against Auto Warranty Robocall Campaign
The fine is a follow-up to an FCC investigation launched earlier this year into the massive scam campaign that hounded consumers.


A new Microsoft Exchange flaw is being exploited by attackers to deliver remote access tools and remote administration software. Researchers from CrowdStrike discovered the exploit chain while investigating a Play ransomware attack. The exploit chain bypasses mitigations for a URL rewrite flaw, allowing the attackers to gain remote code execution privileges on target endpoints. A patch is available to fix the flaw. It is recommended that organizations with on-prem Microsoft Exchange servers apply the November 2022 cumulative update or disable OWA if they cannot apply the patch. Microsoft has been deploying various solutions to keep its customers secure on Exchange servers, and by next month, it will permanently disable Exchange Online's basic authentication and replace it with a modernized authentication method.

A Russian hacker group called Killnet has claimed to have hacked an FBI database. Since the war between Russia and Ukraine began in February, Killnet has launched 76 attacks against countries supporting Ukraine. Recently, the group claimed to have stolen the personal information of over 10,000 US federal agents. This hack is similar to previous attacks by Killnet, which have had political undertones. It is not yet clear whether Killnet's claim is true.

Get in touch with Chris Kniffin, Corporate Director, to learn more about how the team of experts at JANUS can help protect your business effectively.
