News
Hi folks,
I hope you all had a wonderful week. I had the first "normal" week in a while and it felt good. Normal, that is, except for tomorrow and the weekend, when we'll be off to an amusement park with our kids, and then on to the Christmas celebrations :-)
I'll make this a quick version, since it's already late and I want to focus on the family time tomorrow. I hope you'll forgive me :-) As always in the quick version, I'll use the default summaries instead of my own.
You all make sure to enjoy your weekend, your holidays, and your family get-togethers!
Cheers!
SSH protects the world’s most sensitive networks. It just got a lot weaker
Novel Terrapin attack uses prefix truncation to downgrade the security of SSH channels.
Interpol operation arrests 3,500 cybercriminals, seizes $300 million
An international law enforcement operation codenamed 'Operation HAECHI IV' has led to the arrest of 3,500 suspects of various lower-tier cybercrimes and seized $300 million in illicit proceeds.
AlphV claims to have ‘unseized’ its darkweb domain from the FBI. What’s happening?
Not everyone saw the same thing after the FBI posted an image saying it had seized Tor-accessible websites from the AlphV/Blackcat gang. Experts explain what might be going on.
State-linked cyber actors behind SolarWinds plant seeds for new malicious campaign
U.S. authorities are raising alarms that the 2020 Sunburst attack threat actors are exploiting a CVE in JetBrains TeamCity in preparation for future supply chain compromises.
Hackers don’t stop testing. Neither should you.
If you think doing a quick pentest every few quarters isn’t enough, you are correct. GlitchSecure combines continuous vulnerability assessments with real-time pentesting - all verified by highly skilled (and wonderful) humans in a user-friendly platform. (Sponsored)
How Microsoft’s cybercrime unit has evolved to combat increased threats
Microsoft has honed its strategy to disrupt global cybercrime and state-backed actors.
Apple’s new iPhone security setting keeps thieves out of your digital accounts
iPhone PINs won’t be enough to steal your iCloud account soon.
New rules in UK could reimburse fraud victims up to £415,000 ($525,000)
Expected in October 2024, the new rules represent a radical change to who is liable for losses incurred in fraud such as romance and investment scams.
How Congress can rein in data brokers
Know your customer rules are a first step to address the risks of sensitive data — including on U.S. military servicemembers — sold online.
Escape: securing 100% of your APIs is one click away.
Are you confident in having complete control over your attack surface, even for Shadow APIs? Take a look at Escape's powerful combination of agentless API discovery and security, and never doubt again. Detect OWASP Top 10 and complex logic flaws at scale and empower your developers to adopt security in CI/CD. (Sponsored)
Breaches and leaks
- UniFi devices broadcasted private video to other users’ accounts: link.
- Mortgage giant Mr. Cooper says October cyberattack leaked data of 14.7 million people: link.
- Xfinity data breach affects 36 million people: link.
- MongoDB says customer data was exposed in a cyberattack: link.
- Ransomware gang behind threats to Fred Hutch cancer patients: link.
- More than 45,000 affected by cyberattack on Idaho nuclear research lab: link.
- Healthcare software provider ESO Solutions data breach impacts 2.7 million: link.
- Delta Dental of California data breach exposed info of 7 million people: link.
- Vans and North Face owner VF Corp hit by ransomware attack: link.
- Ontario public library shuts down most services due to cyberattack: link.
- Central Bank of Lesotho facing outages after cyberattack: link.
- Indian tech giant HCL investigating ransomware attack: link.
- Israel-linked hacking group claims attack on Iranian gas pumps: link.
Issues and fixes
- Google fixes 8th Chrome zero-day exploited in attacks this year: link.
- QNAP VioStor NVR vulnerability actively exploited by malware botnet: link.
- WordPress hosting service Kinsta targeted by Google phishing ads: link.
- Microsoft discovers critical RCE flaw in Perforce Helix Core Server: link.
- Ivanti releases patches for 13 critical Avalanche RCE flaws: link.
- 3CX warns customers to disable SQL database integrations: link.
- 80 percent of Struts 2 downloads include critical flaw: link.
Using 1Password for CI/CD secrets
When configuring a CI/CD pipeline you'll usually have to copy over secrets to make it work. It always feels a bit icky, but necessary. That is, until now, because now you can connect 1Password directly to the workflow instead. There's already a guide for CircleCI, GitHub Actions and Jenkins. (Sponsored)