SecureFact - Cyber Security News – Week Of September 18, 2023
Data Breaches
1. CardX released a data leak notification impacting their customers in Thailand
According to the statement published on the CardX official website on September 15th, the company experienced a cybersecurity incident that exposed personal information related to personal loan and cash card applications.
2. FBI hacker USDoD leaks highly sensitive TransUnion data
A threat actor who goes by the moniker “USDoD” announced the leak of highly sensitive data allegedly stolen from the credit reporting agency. The leaked database, over 3GB in size, contains sensitive PII of about 58,505 people, all across the globe, including the America and Europe.
Airbus investigates data leak allegedly involving thousands of suppliers
The European aerospace giant Airbus said that it is investigating a cybersecurity incident following reports that a hacker posted information on 3,200 of the company’s vendors to the dark web.
MGM Resorts disruption linked to recent attacks against hospitality industry
Security researchers link the threat group Scattered Spider to a wave of malicious activity as Caesars Entertainment confirms social engineering attack in regulatory filing.
US-Canada water commission investigating cyberattack
The organization tasked with managing the lake and river systems along the border between the U.S. and Canada for the last hundred years announced Wednesday that it experienced a cyberattack following reports that ransomware hackers claimed to have stolen reams of data.
County experiences security breach with jail employee email
The county secured the account and brought in a nationally recognized digital forensics team to help investigate. Later in the month, the county determined that an unauthorized actor accessed a County employee’s email for a limited time and copied the contents.
Malwares and Vulnerabilities
Fortinet patches high-severity vulnerabilities in FortiOS, FortiProxy, FortiWeb products
Successful exploitation of the bug, Fortinet explains in an advisory, may allow an authenticated attacker to use crafted guest management settings to trigger the execution of malicious JavaScript code.
BlackCat ransomware hits Azure Storage with Sphynx encryptor
After gaining access to the Sophos Central account using a stolen One-Time Password (OTP), they disabled Tamper Protection and modified the security policies. These actions were possible after stealing the OTP from the victim's LastPass vault using the LastPass Chrome extension.
Microsoft uncovers flaws in ncurses library affecting Linux and macOS systems
The vulnerabilities, collectively tracked as CVE-2023-29491 (CVSS score of 7.8), have been addressed as of April 2023. Microsoft said it also worked with Apple on remediating the macOS-specific issues related to these flaws.
SAP patches critical vulnerability vipacting NetWeaver, S/4HANA
The most severe of the new hot news notes addresses a critical vulnerability in BusinessObjects (CVE-2023-40622, CVSS score of 9.9), allowing attackers to access information that could be used in other attacks, potentially leading to complete application compromise.