Cyber Security Headlines – January 3, 2022

Microsoft Exchange year 2022 bug breaks email delivery

According to numerous reports from Microsoft Exchange admins worldwide, a bug in the FIP-FS engine started blocking email delivery on on-premises servers as of midnight on January 1st. Security researcher and Exchange admin Joseph Roosen said that this was caused by Microsoft using a signed int32 variable to store the value of a date, which has a maximum value of 2,147,483,647. However, dates in 2022 have a minimum value of 2,201,010,001, which is greater than the maximum value that can be stored in the signed int32 variable, causing the scanning engine to fail and not release mail for delivery.

(Bleeping Computer)

Uber email breach allows anyone to email as Uber

The researcher who discovered a flaw that allows just about anyone to send emails on behalf of Uber warns that this vulnerability can be abused by threat actors to email 57 million Uber users and drivers whose information was leaked in the 2016 data breach. These emails, sent from Uber’s servers, would appear legitimate to an email provider (because technically they are) and make it past any spam filters. They pose significant danger to consumers, especially if they ask for credit card details. Uber seems to be aware of the flaw but has not fixed it as of Sunday.

(Bleeping Computer)

Crypto security breaches cause $4.25 billion in losses in 2021

According to a report published by Invezz, the number of crypto security breaches has increased by up to 850% in the last decade, amounting to over $12 billion in stolen funds in that period. This includes a spike in 2021, in which $4.25 billion worth of cryptocurrency was stolen by cybercriminals. The countries with the greatest losses were Japan, South Korea, the United States, the United Kingdom, and China.

(Security Affairs)

HaveIBeenPwned now includes credentials for 441K accounts from RedLine breach

Victims of RedLine malware are now able to check if their credentials have been stolen. RedLine malware allows operators to steal several types of information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients, and LastPass credentials.

(Security Affairs)

Copycat and fad hackers will be the bane of supply chain security in 2022

Replicable attacks and a low barrier to entry will ensure the rate of supply chain attacks increases next year, cybersecurity researchers have warned. This is according to Charlie Osborne, a contributor to ZDNet. She highlights the ransomware attack levied against Kaseya in 2021 as well as SolarWinds Orion. She quotes Brian Fox, the CTO of Sonatype, who added that the majority of threat actors are copycats today, and “fad” attacks — or, the ‘attack of the day’ conducted by fast-acting threat actors — are going to increase the number of supply chain intrusions next year.

(ZDNet)

Canada’s public health agency admits it tracked mobile devices during lockdown

“Due to the urgency of the pandemic, the Public Health Agency of Canada accessed location data from 33 million mobile devices collected as cell-tower location data, throughout the COVID-19 response,” a spokesperson told Canada’s National Post. In March, the Agency awarded a contract to the Telus Data For Good program (Telus is one of Canada’s main telecom providers) to provide “de-identified and aggregated data” of movement trends in Canada. The contract expired in October, and the Agency no longer has access to the location data, the spokesperson said. The Agency used the location data to evaluate the effectiveness of public lockdown measures and allow the Agency to “understand possible links between movement of populations within Canada and spread of COVID-19.”

(National Post)

U.S. officials ask AT&T, Verizon to delay 5G wireless over aviation safety concerns

Following up on a story we brought you last week, U.S. Transportation Secretary Pete Buttigieg and the head of the Federal Aviation Administration (FAA) on Friday asked AT&T and Verizon Communications to delay the planned Jan. 5 introduction of new 5G wireless service. The request cites aviation safety concerns about potential interference of 5G with sensitive aircraft electronics like radio altimeters that could disrupt flights. Buttigieg said under the framework “commercial C-band service would begin as planned in January with certain exceptions around priority airports.”

(Reuters)

Tesla to recall 475,000 cars in the US

The electric vehicle company announced it was recalling 356,309 vehicles because of potential rear-view camera issues affecting 2017-2020 Model 3 Teslas, and a further 119,009 Model S vehicles will also be recalled because of potential problems with the front trunk. The total recall figure is almost equivalent to the 500,000 cars Tesla delivered last year. This follows a recent announcement that it will also be making changes to its Passenger Play feature, which allows games to be played on its touchscreen while the car is in motion. It took action on this issue after an investigation was launched by the US National Highway Traffic Safety Administration. The feature will now be locked and unusable while the car is moving.

(BBC News)