Google issues warning for 2 billion Chrome users

Chrome’s 2.6 billion users again need to be on high alert (for the second time in a week), because Google has confirmed multiple new High-level hacks of the browser. Coming just days after Chrome’s 12th and 13th ‘zero day’ exploits of the year were discovered, Google has published a new blog post revealing four ‘High’ rated vulnerabilities have been confirmed, and users need to take immediate action. The four are a use after free, two heap buffer overflows and one inappropriate implementation in Sandbox. Google has released a critical update, but warns that the rollout will be staggered, so not everyone will be able to protect themselves immediately. If your Chrome version is 94.0.4606.81 or higher, you are safe.

(Forbes)

Bank of America insider charged with money laundering for BEC scams

A U.S. District Court for the Eastern District of Virginia indictment alleges that three men infiltrated the corporate networks of small and large companies in the United States and across the globe, between January 2018 and March 2020. They accessed email servers and email accounts by phishing employee credentials, and via malware. One of the three, being a Bank of America and TD Bank employee, was opening bank accounts under his co-conspirators’ and victims’ names, and also falsified bank book entries. The three spent months intercepting communications and learning about billing systems, style of communication, vendors, clients, and people responsible for transactions, in order to send requests for payment that mirrored real transactions. They made off with a total of $1.1 million.

(Bleeping Computer)

Medtronic recalls insulin pump controllers over cyberattack risks

The company describes these as severe vulnerabilities that could lead to injury or death of the patients, since an attacker could exploit the vulnerabilities to modify the quantity of insulin that the pumps provide to the patient. The urgent medical device recall applies to the MiniMed™ brand remote controller, which uses a wireless radio frequency to communicate with the insulin pump. The company pointed out that to date, it has not received reports of any injuries resulting from this issue.

(Security Affairs)

Cox Media Group confirms ransomware attack that took down broadcasts

The media conglomerate confirmed that it was hit by a ransomware attack in June 2021 that took down live TV and radio broadcast streams. It acknowledged the attack in data breach notification letters sent last week via U.S. Mail to over 800 impacted individuals believed to have had their personal information exposed in the attack. Cox Media Group immediately took systems offline after the attack was detected and reported the incident to the FBI after starting an investigation with the help of external cybersecurity experts. It found proof that attackers tried to exfiltrate this data outside of CMG’s network, but there is no evidence that they were successful.

(Bleeping Computer)

Notorious spyware firm claims it won’t help hack UK phones anymore

The NSO Group, the notorious Israeli spyware vendor, will no longer allow its clients to hack citizens of the United Kingdom, sources close to the company told The Guardian this week. The changes have been “hard-coded” into NSO’s infamous malware, Pegasus, and will make future targeting of UK-based phone numbers starting with the +44 country code impossible, the sources claim. This follows a scandal in which it was revealed that Princess Haya bint al-Hussein, the daughter of the king of Jordan and the former wife of the ruler of Dubai, had been hacked during a child custody battle.

(Gizmodo)

FontOnLake Linux malware used in targeted attacks

This previously unknown, modular malware family has been used in targeted attacks to collect credentials and gain access to victim systems, mostly in Southeast Asia, ESET reported on Thursday. The FontOnLake malware family employs a rootkit to conceal its presence and uses different command and control servers for each sample. Its developers are constantly modifying the malware’s modules, and use three categories of components that have been designed to work together, namely trojanized applications, backdoors, and rootkits.

(SecurityWeek)

Cloudflare doesn’t contribute to copyright infringement, judge rules

A federal judge has ruled in favor of Cloudflare, which was being sued by a pair of wedding dress companies that alleged Cloudflare was guilty of contributory copyright infringement because it didn’t terminate services for websites that infringed on the dressmakers’ copyrighted designs. Though the plaintiffs found dozens of knockoff companies selling dresses based on their designs, the judge ruled that simply providing services to a copyright infringer does not qualify as material contribution toward copyright infringement.

(Ars Technica)

Navy warship’s Facebook page hacked to stream Age of Empires game

The official Facebook page of a destroyer-class Navy warship, the USS Kidd, was taken over by someone who wanted to stream the online multiplayer strategy game Age of Empires, and did so for an entire day between October 3 and 4. Facebook is used by the US military as an official communication channel, particularly for family-readiness groups. Experts state that many official pages are managed using a shared login, and as a result, multifactor authentication (MFA) is not enabled.

(Threatpost)