Security News > 2022
Kali Linux 2022.2 released: Desktop enhancements, tweaks for the terminal, new tools, and more! Offensive Security has released Kali Linux 2022.2, the latest version of its popular penetration testing and digital forensics platform.
VMware issues critical fixes, CISA orders federal agencies to act immediately. VMware has released patches for a privately reported critical vulnerability in VMware's Workspace ONE Access, VMware Identity Manager, vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products, and is urging administrators to patch or mitigate immediately, because "The ramifications of this vulnerability are serious."
The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employees after their vendor, Battelle for Kids, suffered a ransomware attack in December. Yesterday, the Chicago Public School district disclosed that a December 1st ransomware attack on Battelle for Kids exposed the stored data of 495,448 students and 56,138 employees in its school system.
Another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems. PyPI is a repository of open-source packages that developers can use to share their work or benefit from the work of others, downloading the functional libraries required for their projects.
On the third and last day of the 2022 Pwn2Own Vancouver hacking contest, security researchers successfully hacked Microsoft's Windows 11 operating system three more times using zero-day exploits. All other contestants hacked their targets, earning $160,000 after taking down Windows 11 three times and Ubuntu Desktop once.
The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it doesn't pay a $20 million ransom. Costa Rican president Rodrigo Chaves said that the country is effectively at war with the gang, who in April infiltrated the government's computer systems, gaining a foothold in 27 agencies at various government levels.
While the 'Conti' brand may be shut down, cybersecurity firm Advanced Intel says that the cybercrime syndicate will continue to operate, with members joining other ransomware operations or the Conti leadership taking over smaller operations.
Conti accuses LockBit and AlphV of stealing from affiliates. Conti ransomware has publicly called out the LockBit ransomware group and the ALPHV ransomware group.
Just a short note to let you know that we were wrong about Firefox and Pwn2Own in our latest podcast. We do know that Mozilla will be rushing to fix this one as soon as they get the details out of the Pwn2Own competition.
Two of the big-news vulnerabilities in this month's Patch Tuesday updates from Microsoft were CVE-2022-26923 and CVE-2022-26931, which affected the safety of authentication in Windows. Ironically, the CVE-2022-26923 and CVE-2022-26931 bugs only seem to apply if you're using digital certificates for added authentication security.
Multiple versions of a WordPress plugin by the name of "School Management Pro" harbored a backdoor that could grant an adversary complete control over vulnerable websites. The backdoor, which is believed to have existed since version 8.9, enables "An unauthenticated attacker to execute arbitrary PHP code on sites with the plugin installed," Jetpack's Harald Eilertsen said in a Friday write-up.
Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821, the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote attacker to connect to a Redis instance and achieve code execution.