BACKGROUND: It has been reported that Microsoft (MSFT.O) on Thursday warned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases, according to a copy of the email and a cyber security researcher. The vulnerability is in Microsoft Azure’s flagship Cosmos DB database. A research team at security company Wiz discovered it was able to access keys that control access to databases held by thousands of companies. Wiz Chief Technology Officer Ami Luttwak is a former chief technology officer at Microsoft’s Cloud Security Group.
ISBuzz Team
BACKGROUND: Yesterday, President Biden hosted executives from major technology, financial, and energy companies for a summit on national cybersecurity, calling the issue “the core national security challenge we are facing.” Speaking to reporters briefly at the start of the meeting, Mr. Biden highlighted estimates that roughly half a million cybersecurity jobs in the U.S. are currently unfilled and stressed the private sector needs to do more to safeguard digital systems from criminal and state-backed hackers and spies. “The federal government can’t meet this challenge alone,” Mr. Biden said. “I’ve invited you all here because you have the power, the capacity, and the responsibility, I…
The town of Peterborough, New Hampshire lost $2.3 million after BEC scammers redirected multiple bank transfers using forged documents sent to the town’s Finance Department staff via various email exchanges. The town doesn’t believe that the funds can be recovered by reversing the transactions, or that these losses will be covered by insurance.
Researchers today disclosed multiple data leaks resulting from Microsoft Power Apps portals configured to allow public access – a new vector of data exposure. The types of data varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants, employee IDs, and millions of names and email addresses. UpGuard notified 47 entities of exposures involving personal information, including governmental bodies like Indiana, Maryland, and New York City, and private companies like American Airlines, J.B. Hunt, and Microsoft, for a total of 38 million records across all portals. This research presents an example of a larger theme, which…
BACKGROUND: Following warnings from CISA* of malicious cyber actors targeting ProxyShell vulnerabilities, there is growing concerned more government and organization systems could be exposed.
BACKGROUND: Jonhat on Twitter details the Zero-day admin escalation he found using Razer peripherals on Windows 10. He even includes a video example of the escalation. Excerpt: Need local admin and have physical access? – Plug a Razer mouse (or the dongle) – Windows Update will download and execute RazerInstaller as SYSTEM – Abuse elevated Explorer to open Powershell with Shift+Right click
HP Wolf Security has just released the findings of a global survey of 1,100 IT decision-makers (ITDMs), examining their concerns around rising nation-state attacks. 72% of respondents said they worry that nation-state tools, techniques, and procedures (TTPs) could filter through to the darknet and be used to attack their business. Such concerns are well-founded. In recent months, evidence has emerged that techniques deployed in the SolarWinds supply chain attack have already been adopted by ransomware gangs – a trend likely to continue.
BACKGROUND: The U.S. State Department was recently hit by a cyber-attack and notifications of a “possible serious breach” were issued, according to a series of tweets by Fox News reporter Jacqui Heinrich. It’s unclear when the breach was discovered, but it’s believed to have happened a couple of weeks ago. The Department of Defense’s Cyber Command made the notifications, Heinrich said. “The Department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected,” a State Department spokesperson said in a statement. “For security reasons, we are not in a position to discuss the…
BACKGROUND: BlackBerry has publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability. The vulnerability has left 200 million cars, along with critical hospital and factory equipment, vulnerable. CISA strongly encourages critical infrastructure organizations and other organization developing, maintaining, supporting, or using affected QNX-based systems, to patch affected products as quickly as possible.
BACKGROUND: Chase Bank has sent out a notification letter acknowledging a leak of customer data, including statements, transaction list, names, and account numbers to other members, due to a “technical issue” present on both their website and the mobile app. The issue is said to have continued from May 24th to July 14th of this year. An expert with YouAttest comments.