This week's Cyber Weekly Digest features the latest zero-day vulnerabilities patched by both Apple and Microsoft and a ransomware attack on a world-leading medical tech company. Keep reading to stay up to date with the latest cyber security stories from across the world.
In this month's Microsoft Patch Tuesday, Microsoft rolled out an update to patch the actively exploited zero-day in its MSHTML Platform, which came to light last week. The flaw, rated 8.8, is a remote code execution vulnerability in MSHTML that is exploited through malware-laced Microsoft Office documents, with EXPMON researchers noting "the exploit uses logical flaws, so the exploitation is perfectly reliable." Also in this month's Patch Tuesday, Microsoft addressed a publicly disclosed, but not actively exploited, zero-day flaw in Windows DNS.
Olympus, a leading medical technology company, is investigating a ransomware attack this week which affected its EMEA IT systems. Olympus has been working to discover the extent of the damage caused by the ransomware attack but believes that customer security and service were not affected by the incident. The ransom notes point to a Tor website which the BlackMatter gang has previously used to communicate with victims. BlackMatter is believed to be the rebrand of the DarkSide ransomware gang.
On Monday, Apple released a security update that fixes at least one vulnerability that may have been actively exploited. The zero-day exploit, known as ForcedEntry, was allegedly used to spy on Bahraini activists illegally with NSO Group's Pegasus Spyware. Researchers are urging Apple users to update their devices immediately. So far, Apple has patched over ten zero-day vulnerabilities used in targeted attacks against iOS and Mac devices this year.
On Tuesday, the U.S. Department of Justice disclosed that it fined three intelligence community and military personnel $1.68 million for their role working on behalf of a UAE-based cyber security company. The three individuals were charged with violations of U.S. export control, computer fraud and access device fraud laws, and are alleged to have supervised the creation of zero-click exploits that were used to steal credentials for online accounts issued by U.S. companies.
Millions of HP OMEN laptop and desktop gaming computers are exposed to attacks by a vulnerability that could allow attackers to trigger denial-of-service states or escalate privileges and disable security solutions. The vulnerability, rated as high severity, was found in a driver used by the OMEN Gaming Hub software, which is pre-installed on all HP OMEN desktops and laptops. SentinelOne researchers published the details of the vulnerability in a report this week.