Cyber Weekly Digest - 2022 Week #42

Updated: Oct 28

In this week’s Cyber Weekly Digest, find out about the latest critical vulnerabilities being exploited by attackers, including a new flaw reported to be similar to Log4Shell. Keep reading to stay up to date on the biggest cyber security news from this week.

1. Fast Company says Executive Board member information was not stolen in the recent attack.

American business magazine Fast Company reached out to its Executive Board members this week to let them know their personal information was not stolen in the September 27 cyberattack that forced it to shut down its website. It also confirmed that the attacker stole contributor credentials and put them up for sale online after compromising its content management system. “The hacker downloaded Fast Company contributor usernames and passwords and made the obtained information available for purchase on the website called Breached Forums,” Fast Company said in a statement. Thankfully, Executive Board member information wasn’t compromised in the cyberattack, Fast Company said. This alert follows a two-week shutdown of Fast Company’s website after the hacker also pushed racist notifications to readers’ mobile devices via Apple News.

2. Almost 900 servers compromised using Zimbra Zero-day flaw.

Almost 900 servers have been compromised using a critical Zimbra Collaboration Suite (ZCS) vulnerability, which at the time was a zero-day left without a patch for nearly 1.5 months. The vulnerability, tracked as CVE-2022-41352, allows an adversary to send an email with a malicious archive attachment that plants itself as a web shell on the ZCS server while bypassing anti-virus security checks. The CVE is rated 9.8, making it critical. According to cyber security researchers, 876 servers had been compromised by Advanced Persistent Threats (APTs) before the vulnerability was assigned a CVE. After the CVE was assigned, attackers moved to mass exploitation, compromising as many servers worldwide as possible before admins patched the systems and shut the door to intruders.

3. Text2Shell RCE vulnerability in Apache Commons Text disclosed publicly.