In this week’s Cyber Weekly Digest we dive into the biggest cyber security news including an airline that was hit by a ransomware attack, causing large flight delays, and why the largest English-speaking darknet market shut down. Keep reading to stay up to date on the latest cyber security news.
Indian airline SpiceJet has informed its customers of an attempted ransomware attack this week, that has impacted some of its systems and caused delays on flight departures. According to SpiceJet, their IT team was able to contain the attack quickly. However, customers reported that they were still unable to access some services including customer support. Customers were only able to access the company’s homepage and flight timetable status, in which most flights had large delays between two and five hours.
This week, Zoom patched a medium-severity flaw, advising Windows, macOS, iOS and Android users to update their client software to version 5.10.0. Researchers discovered that the vulnerability abuses the parsing inconsistencies between XML parser in Zoom client and server software to “smuggle” arbitrary XMPP stanzas to the victim machine. An attacker sending a specially crafted control stanza can force the victim client to connect with a malicious server.
The Versus Market, one of the most popular English-speaking criminal darknet markets, is shutting down after discovering a severe exploit that could have allowed access to its database and exposed the IP address of its servers. A hacker exposed the marketplace's vulnerability by leaking a PoC on how to access the file system of the site's server on Dread, a darknet social media space. After discovering the vulnerabilities the operators of Versus have decided to shut down the market themselves, finding it too risky to continue.