Updated: Apr 3, 2020
This week’s digest is all about breaches and vulnerabilities, both patched and unpatched. Here is our roundup of what happened.
1. Microsoft announced the discovery of unpatched flaws in all supported versions of Windows that are currently being exploited in the wild. Microsoft will most likely release security patches next Patch Tuesday to fix these vulnerabilities in Windows 8.1 and 10, while only those with extended support contracts will receive a patch for Windows 7. Attackers exploit these vulnerabilities by delivering emails containing a specially crafted document and asking users to open it. As always, we advise you to be very careful and always suspicious of emails sent by unknown sources to avoid falling victim to someone trying to take advantage of this vulnerability.
2. Apple has released dozens of security patches for iOS, macOS, Apple Watch and iTunes to fix bugs that can result in information disclosure, remote code execution and cross-site scripting. Since all of us are stuck inside because of the coronavirus pandemic, it is a great time to get patching.
3. As reported by KrebsOnSecurity, the London fintech firm Finastra announced it was shutting down key systems in response to a security breach. The attack has since been confirmed to be ransomware. The company has suffered considerably because of the attack, with customers and employees unable to access their resources. If you are worried about falling victim to a ransomware attack, please contact us for more information regarding SentinelOne and how it can protect your organization from a breach.
4. A five-million-record database containing data from past security breaches was left exposed by a security firm. A researcher found the database on a publicly accessible Elasticsearch instance managed by the security firm Keepnet Labs. He immediately notified the company, which did not reply but took down the data within an hour. The data contained password information, email addresses of breached users, and even the potential hash type used.
5. As reported by Infosecurity, the Chinese actor APT41 (aka Double Dragon) has recently been observed carrying out one of the most widespread threat campaigns by a Chinese cyber espionage actor in recent years. The campaign included targets all over the world, including in the US,