Security News > 2022

Accounts of more than three million users of the U.S.-based FlexBooker appointment scheduling service have been stolen in an attack before the holidays and are now being traded on hacker forums. All three breaches allegedly occurred a few days before Christmas and the intruder published the data on a hacker forum.

A previously unknown rootkit has been found setting its sights on Hewlett-Packard Enterprise's Integrated Lights-Out server management technology to carry out in-the-wild attacks that tamper with the firmware modules and completely wipe data off the infected systems. The discovery, which is the first instance of real-world malware in iLO firmware, was documented by Iranian cybersecurity firm Amnpardaz this week.

VMWare has shipped updates to Workstation, Fusion, and ESXi products to address an "Important" security vulnerability that could be weaponized by a threat actor to take control of affected systems. The company credited Jaanus Kääp, a security researcher with Clarified Security, for reporting the flaw.

Activision, publisher of the enormously popular gaming franchise Call of Duty, has taken an extraordinary step to try and shut down cheat software by suing the popular site EngineOwning. EO cheats for Call of Duty include "Aimbots" which automatically train the shooter's weapon on the opponent; "Triggerbots" that automatically fire at another player when they become visible on-screen; and a feature the lawsuit calls "ESP and 2D/3D Radar," which allows gamers to see opposing players through walls.

Microsoft has acknowledged an issue triggered by a Windows 10, version 21H2 security update released during the December 2021 Patch Tuesday that leads to search issues in Outlook for Microsoft 365. "After you install update KB5008212, recent emails may not appear in search results," Microsoft explained in a recently published Office support document.

Ransomware merchants know that corrupting your backups means you will have little choice but to pay up. Protecting your backups then is crucial to ensuring you're able to recover from an attack.

According to a Department of Justice press release, 29-year-old Fillippo Bernardini allegedly impersonated agents, editors, and others involved in the publishing industry to steal manuscripts of unpublished books. "Filippo Bernardini allegedly impersonated publishing industry individuals in order to have authors, including a Pulitzer prize winner, send him prepublication manuscripts for his own benefit," said U.S. Attorney Damian Williams.

The FBI is seeing so much activity around malicious Google Voice activity, where victims are associated with fraudulent virtual phone numbers, that it sent out an alert this week. So they tell you they will send you a Google authentication code in the form of a voice call or a text message, and then ask you to repeat the number back to them to prove you're real.

Ravkoo, a US Internet-based pharmacy service, has disclosed a data breach after the company's AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed. "Ravkoo utilizes AWS cloud services for online hosting of its prescription portal. On September 27, 2021, Ravkoo detected that this portal was the target of a cybersecurity attack," the pharmacy said in data breach notification letters sent to 105,000 affected customers on January 3.

A security vulnerability in VMware's Cloud Foundation, ESXi, Fusion and Workstation platforms could pave the way for hypervisor takeover in virtual environments - and a patch is still pending for some users. ESXi is a bare-metal hypervisor that installs on a server and partitions it into multiple virtual machines.