News

Hi all,

It's a bit of a quick one this week. Please bear with my while I make my way through three more weeks of training. I do my best not to skip a week though, even if the end result comes out a bit rough :-) Enjoy the digest and have a good one!

Cheers,

Dieter




Quick stories

  • Six senators tell Biden administration UN cybercrime treaty must be changed: link.
  • Microsoft Entra "security defaults" to make MFA setup mandatory: link.
  • Four REvil members sentenced to more than four years in prison: link.
  • UnitedHealth Group names new CISO 8 months after massive ransomware attack: link.

Breaches and leaks

  • Colorado scrambles to change voting-system passwords after accidental leak: link.
  • Free, France’s second-largest telecoms company, confirms being hit by cyberattack: link.
  • Massive PSAUX ransomware attack targets 22,000 CyberPanel instances: link.
  • Interbank confirms data breach following failed extortion, data leak: link.
  • LottieFiles hacked in supply chain attack to steal users’ crypto: link.
  • Over a thousand online shops hacked to show fake product listings: link.

Issues and fixes

  • New Chrome update for two critical vulnerabilities: link.
  • QNAP fixes NAS backup software zero-day exploited at Pwn2Own: link.
  • qBittorrent fixes flaw exposing users to MitM attacks for 14 years: link.
  • LiteSpeed Cache WordPress plugin bug lets hackers get admin access: link.
  • Hackers target critical zero-day vulnerability in PTZ cameras: link.