Cyber Security Headlines – November 1, 2021

Iranian Black Shadow hacking group breaches Israeli Internet hosting firm

The group compromised the server of the Israeli internet hosting company Cyberserve, taking down several of the sites that it hosts. The group announced the attack on Twitter on Friday, and then published some of the stolen data shortly afterwards, stating that Cyberserve had not yet contacted them. Black Shadow was responsible for the hack of Israeli insurance firm Shirbit in December last year. In that attack it demanded a $1 million ransom, but the victim refused to pay it.

(Security Affairs)

All Windows versions impacted by new LPE zero-day vulnerability

A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that gives SYSTEM privileges under certain conditions. The exploit requires a threat actor to know another user’s user name and password to trigger the vulnerability, so it will likely not be widely abused in attacks, but it does apply to all versions of Windows, including Windows 10, Windows 11, and Windows Server 2022. This follows an August security update from Microsoft for CVE-2021-34484, but after examining the fix, the researcher Abdelhamid Naceri found that the patch was not sufficient and that he was able to bypass it with a new exploit that he published on GitHub.

(Bleeping Computer)

International jeweler Graff hit by Conti gang, with data of its rich clients at risk

The attackers have apparently leaked 69,000 documents, including customer lists, invoices, receipts, and credit notes. Graff is a jeweler based in London whose client list is a who’s who of the world’s richest people, and to prove it means business, the gang has already published on its leak site files related to purchases made by David Beckham, Oprah, and Donald Trump. The impact on the privacy of the customers could be greater than the value of the purchased jewels, and it is unclear whether Graff has paid or communicated with the group.

(Security Affairs)

Man charged with hacking MLB, NBA, NFL, and NHL user accounts to stream games

The US Department of Justice filed charges Friday against a Minnesota man who performed the hacks in order to supply content to a pirate streaming website that he operated. Joshua Streit, 30, of St. Louis Park, Minnesota, operated the HeHeStreams website between 2017 and August 2021. Officials said that Streit used stolen credentials to access other people’s MLB, NBA, NFL, and NHL accounts in order to hijack game streams, which he later re-broadcast at a lower price than the leagues’ official websites.

(The Record)

Microsoft to work with US community colleges to fill 250,000 cybersecurity jobs

Microsoft made the announcement on Thursday, stating that the plan would run over the next four years, by 2025, in order to address the country’s cybersecurity workforce shortage. The company’s commitment will include providing training for the faculty of 150 community colleges, providing free curriculum to thousands of US public community colleges, and providing scholarships and supplemental resources to 25,000 students. CEO Brad Smith explained that US community colleges are cheaper to attend, are more diverse in terms of graduates, are located in every US state, and are more flexible with their students’ programs.

(The Record)

Global chip shortage ‘is far from over’ as wait times get longer

The global semiconductor shortage is worsening, with wait times lengthening, buyers hoarding products and the potential end looking less likely to materialize by next year. Demand didn’t moderate as expected. Supply routes got clogged, and unpredictable production hiccups have slammed factories already running at full capacity. What’s left is widespread confusion for manufacturers and buyers alike. Some buyers trying to place new orders are getting delivery dates in 2024, said Ian Walker, operations director at electronic-components distributor Princeps Electronics Ltd., which helps companies find chips. Apple Inc. warned Thursday that supply-chain disruptions are hindering iPhone and other product manufacturing ahead of the holiday-shopping quarter.

(Wall Street Journal)

Roblox has been down for days and it’s not because of Chipotle

Roblox has been down for more than two days, with the game and its related website offline for millions of players. The hugely popular game-creating platform first started having issues at around 7PM ET on October 28th. Roblox initially said it was “working hard to get things back to normal,” and that it had identified “the root cause as [an] internal system issue.” Initially, some Roblox players speculated the outage could be related to a Chipotle promotion in the game. Chipotle is giving away $1 million worth of free burritos on Roblox as part of a Halloween event in the game. The experience went live at 6:30PM ET on October 28th, just before the widespread outage began.

(The Verge)

Toronto transit system hit by ransomware attack, no significant disruptions noticed

The Toronto Transit Commission, also known as the TTC, says the attack by hackers on its computer systems began Thursday night and expanded on Friday. A TTC spokesman says the attack has not caused any significant disruption to transit service and that the public and employees are not at risk. Transit vehicles continued to service their routes, but apps and computer displays of route information were affected. TTC provides public transit service for up to 1.7 million people per weekday in Toronto and surrounding municipalities, primarily via bus and subway.

(CBC News)