Security News > 2022 > June

From a restaurant in Singapore. It’s not actually giant squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog...

A sophisticated Chinese advanced persistent threat actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly targeted attack. "The attacker implement[ed] an interesting web shell backdoor, create[d] a secondary form of persistence, and ultimately launch[ed] attacks against the customer's staff," Volexity said in a report.

An enterprise-grade surveillanceware dubbed Hermit has been put to use by entities operating from within Kazakhstan, Syria, and Italy over the years since 2019, new research has revealed. Lookout attributed the spy software, which is equipped to target both Android and iOS, to an Italian company named RCS Lab S.p.

A group of senators wants to make it illegal for data brokers to sell sensitive location and health information about individuals' medical treatment. "When abortion is illegal, researching reproductive health care online, updating a period-tracking app, or bringing a phone to the doctor's office all could be used to track and prosecute women across the US," Sen. Ron Wyden, a co-sponsor of the Health and Location Data Protection Act, said in a statement.

A Russian-operated botnet known as RSOCKS has been shut down by the US Department of Justice acting with law enforcement partners in Germany, the Netherlands and the UK. It is believed to have compromised millions of computers and other devices around the globe. The RSOCKS botnet functioned as an IP proxy service, but instead of offering legitimate IP addresses leased from internet service providers, it was providing criminals with access to the IP addresses of devices that had been compromised by malware, according to a statement from the US Attorney's Office in the Southern District of California.

Microsoft is investigating a new known issue causing Azure Active Directory and Microsoft 365 sign-in issues on Arm devices after deploying the June 2022 Windows updates. The complete list of Windows versions affected by this newly acknowledged known issue includes only the following client platforms: Windows 11 21H2, Windows 10 21H2, Windows 10 21H1, and Windows 10, version 20H2. Redmond engineers are now working on a resolution for these AAD and Microsoft 365 login problems and will release a fix to address them with a future Windows update.

Cisco advises owners of end-of-life Small Business RV routers to upgrade to newer models after disclosing a remote code execution vulnerability that will not be patched. According to a Cisco security advisory, the flaw exists due to insufficient user input validation of incoming HTTP packets on the impacted devices.

Microsoft has recently added a new privacy feature that allows Windows 11 users to get a list of all the apps that have recently accessed their sensitive info and devices, including their camera, microphone, and contacts. Added in one of the June Windows 11 Preview Builds, it can now be tested by Windows Insiders in the Dev Channel.

Microsoft is extending the Defender brand with a version aimed at families and individuals. Microsoft Defender for individuals, available for Microsoft 365 Personal and Family subscribers, is a cross-platform application, encompassing macOS, iOS, and Android devices and extending "the protection already built into Windows Security beyond your PC."