In this week's Cyber Weekly Digest, we dive into the biggest cyber security stories from the beginning of 2022, including a ransomware attack impacting a school website services provider which supports over 8,000 institutions worldwide and a vulnerability allowing almost anyone to send a legitimate email from uber.com. Keep reading to stay up to date on the latest cyber security news.
FinalSite, a school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. FinalSite provides solutions for over 8,000 schools and universities across 115 different countries. On Tuesday this week, schools that host their websites through FinalSite were either displaying errors or unreachable. After three days of disruption, FinalSite confirmed that a ransomware attack on their network had caused the outages.
A financially-motivated actor named 'Elephant Beetle' has been found stealing millions of dollars from organisations worldwide using over 80 unique tools and scripts. The group spends months studying the victim's environment and financial transaction processes before exploiting flaws in the operation. The actors inject fraudulent transactions into the network and steal small amounts over long periods, leading to an overall theft of millions of dollars. The report released 'Elephant Beetle' appears to target legacy Java applications on Linux systems as their entry point into corporate networks.
A novel persistent denial of service vulnerability named 'doorLock' has been discovered in Apple HomeKit, affecting iOS 14.7 through 15.2. According to the security researcher who released details on the vulnerability, Apple has known about the flaw since August 2021 but has continued to push the update and remains unresolved. However, the bug can only be exploited by someone with access to the victims "home" and is triggered by an attacker who would change the name of a HomeKit device to a string larger than 500,000 characters.
Google rolled out an update for Chrome this week on Windows, Mac and Linux that included 37 security fixes, one of which was rated critical. The latest version of Chrome includes fixes for CVE-2022-0096, a critical use-after-free (UAF) vulnerability, as well as three heap buffer overflow issues, rated high severity. Google did not say if exploits exist for any of the vulnerabilities. However, security researchers have said they are unaware that any of these vulnerabilities are being actively exploited in the wild.
Researchers uncover a vulnerability in Uber's email system that allows almost anyone to send emails on behalf of Uber. The researcher who discovered this flaw warns that threat actors can abuse this vulnerability to email 57 million Uber users and drivers whose information was leaked in the 2016 data breach. Uber seems aware of the flaw but has not yet fixed it. Researchers say it is an exposed endpoint on Uber's servers responsible for the flaw and allows anyone to craft an email on behalf of Uber.