Security News > 2022 > August

Security researchers have uncovered multiple vulnerabilities impacting UWB RTLS, enabling threat actors to conduct man-in-the-middle attacks and manipulate tag geo-location data. Nozomi analysts focused on the Sewio Indoor Tracking RTLS UWB Wi-Fi kit and Avalue Renity Artemis Enterprise kit, two widely used RTLS solutions that support the safety functionalities described above.

They have the world's largest community of ethical hackers working to stay ahead of cybercriminals, going on the offense, searching for bugs and vulnerabilities before attackers do. Two years ago, Forbes reported that more than 700,000 ethical hackers were already part of the HackerOne Bounty program.

Conti is the name of a well-known ransomware gang - more precisely, what's known as a ransomware-as-a-service gang, where the ransomware code, and the blackmail demands, and the receipt of extortion payments from desperate victims are handled by a core group. About two years ago, the REvil ransomware gang put up a cool $1,000,000 as front money in an underground hacker-recruiting forum, trying to entice new affiliates to join their cybercriminal capers.

Almost 7 million users have attempted to install malicious browser extensions since 2020, with 70% of those extensions used as adware to target users with advertisements. The most common payloads carried by malicious web browser extensions during the first half of 2022 belonged to adware families, snooping on browsing activity and promoting affiliate links.

Industrial organizations face security threats not only on their networks but across their factories and facilities. A report published Tuesday by Honeywell looks at how malware on USB devices can threaten industrial facilities.

AdvIntel has released a new publication about several threat actors now using BazarCall in an effort to raise awareness of this threat. Once done, the threat actor has a functional backdoor to the victim's computer, which can later be used for further exploitation.

The company says it first learned of the breach after Mailchimp disabled its account without warning on August 8th. DigitalOcean used this Mailchimp account to send email confirmations, password reset notifications, and alerts to customers. "We were formally notified on August 10th by Mailchimp of the unauthorized access to our and other accounts by what we understand to be an attacker who had compromised Mailchimp internal tooling," explains a security advisory from DigitalOcean.

A Minnesota computer store suing its crime insurance provider has had its case dismissed, with the courts saying it was a clear instance of social engineering, a crime for which the insurer was only liable to cover a fraction of total losses. Travelers, which filed a motion to dismiss, said SJ's policy clearly delineated between computer fraud and social engineering fraud.

The best option is to use a method to encrypt your outgoing emails to protect them against compromise. If you send a secure email to someone who doesn't have a Sendinc account, that person is prompted to set one up in order to read your email.

With the Evil PLC attack, the controller acts as a means to an end, permitting the threat actor to breach a workstation, access all the other PLCs on the network, and even tamper with the controller logic. Put differently, the idea is to "Use the PLC as a pivot point to attack the engineers who program and diagnose it and gain deeper access to the OT network," the researchers said.