Security News > 2022 > October

Google pushed out a bunch of security fixes for the Chrome and Chromium browser code earlier this week. In short, what we mean is that when Google says "It is aware of reports" of an attack launched by exploiting Chrome in real life, we're ready to assume that you can translate this into "The bug is real, and it really can be exploited, but because we didn't actually investigate the hacked system in real life ourselves, we're still on safe ground if we don't come straight out and say, 'Hey, everyone, it's an 0-day'."

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Communication services provider Twilio this week disclosed that it experienced another "Brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. "In the June incident, a Twilio employee was socially engineered through voice phishing to provide their credentials, and the malicious actor was able to access customer contact information for a limited number of customers," Twilio said.

ConnectWise has released security updates to address a critical vulnerability in the ConnectWise Recover and R1Soft Server Backup Manager secure backup solutions.Affected software versions include ConnectWise Recover or earlier and R1Soft SBM v6.16.3 or earlier.

ConnectWise has released security updates to address a critical vulnerability in the ConnectWise Recover and R1Soft Server Backup Manager secure backup solutions. Affected software versions include ConnectWise Recover or earlier and R1Soft SBM v6.16.3 or earlier.

Raspberry Robin, a worm that spreads through Windows systems via USB drives, has rapidly evolved: now backdoor access is being sold or offered to infected machines so that ransomware, among other code, can be installed by cybercriminals. In a report on Thursday, Microsoft's Security Threat Intelligence unit said Raspberry Robin is now "Part of a complex and interconnected malware ecosystem" with links to other families of malicious code and ties to ransomware infections.

Chen Xinjun, dean of the College of Marine Sciences at Shanghai Ocean University, made the remarks in response to recent accusations by foreign reporters and actor Leonardo DiCaprio that China is depleting its own fish stock and that Chinese boats have sailed to other waters to continue deep-sea fishing, particularly near Ecuador, affecting local fish stocks in the South American nation. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Finally, Microsoft disclosed that Vice Society uses multiple ransomware families in attacks, including BlackCat, Quantum, Zeppelin, and a Vice Society-branded variant of Zeppelin ransomware. We also learned more information about new and existing ransomware attacks, such as an alleged 60 million LockBit ransomware demand on Pendragon, Hive claiming the attack on Tata Power, Medibank warning that the hackers accessed all customers' personal data, a ransomware attack on the Indianapolis Housing Agency, and Australian Clinical Labs disclosing that patient data was stolen.

A new publication from Symantec, a Broadcom software company, reveals details about a new method used by the Cranefly threat actor to communicate with its malware in ongoing attack campaigns. The malware uses PyInstaller, which is a known tool to compile Python code into an executable file.

Microsoft is working on a fix for ongoing sign-in issues affecting some Outlook for Microsoft 365 customers and preventing them from accessing their accounts. While Microsoft says that the Outlook Team is working on a solution for this known issue, an official workaround is available for those who want to access their accounts until a fix rolls out.