Windows GPU Display Vulns, NFT Discord Hack, Costa Rica Vs. Hackers, & Initial Access – PSW #741
In the Security News for this week: Singapore launches safety rating system for e-commerce sites, Watch Out for Zyxel Firewalls RCE Vulnerability, New Bluetooth hack that can unlock your Tesla, Hackers Compromise a String of NFT Discord Channels, a pentester’s attempt to be ‘as realistic as possible’ backfires, & more!
Hosts
- 1. Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability
  Rapid7 research: https://www.rapid7.com/blog/post/2022/05/12/cve-2022-30525-fixed-zyxel-firewall-unauthenticated-remote-command-injection/ (Also see: https://www.zdnet.com/article/nasty-zyxel-remote-execution-bug-is-being-exploited/)
- 2. NVIDIA fixes ten vulnerabilities in Windows GPU display drivers
- 3. Angry IT admin wipes employer’s databases, gets 7 years in prison
- 4. New Bluetooth hack can unlock your Tesla—and all kinds of other devices
- 5. President Rodrigo Chaves says Costa Rica is at war with Conti hackers
- 6. Hackers Compromise a String of NFT Discord Channels
- 7. Apple emergency update fixes zero-day used to hack Macs, Watches
- 8. US names Venezuelan doctor as notorious ransomware maker – TechCrunch
- 9. NSA, Allies Issue Cybersecurity Advisory on Weaknesses that Allow Initial Access
- 10. How a pentester’s attempt to be ‘as realistic as possible’ alarmed cybersecurity firms
- 1. Singapore launches safety rating scheme for e-commerce sites
  Assessing e-commerce marketplaces based on their anti-scam measures, the scheme gives Facebook Marketplace the lowest rating while Lazada and Amazon are amongst those that received the highest.
- 2. Hackers are exploiting critical bug in Zyxel firewalls and VPNs
  Hackers are now actively exploiting a recently patched, critical vulnerability (CVE-2022-30525) affecting Zyxel firewall and VPN devices used by businesses that could be exploited by remote, unauthenticated attackers to inject arbitrary commands that enable the creation of a reverse shell.
- 3. Malware is targeting crypto wallets, says Microsoft: Here’s how to protect yourself better
  Everyone's heard of ransomware, and many people have heard of 'cryptojackers', banking trojans, and 'info stealers'. Now, Microsoft is introducing 'cryware' into the cybersecurity lexicon, predicting more people will start using so-called 'hot wallets' as they boost cryptocurrency holdings – and that crooks will try to grab them.
- 4. 5 critical questions to test your ransomware preparedness – Help Net Security
  Five questions to ask yourself regarding your ransomware preparedness.
- 5. Wizard Spider hackers hire cold callers to scare ransomware victims into paying up
  They will cold call victims and attempt to coerce/scare them into paying the ransom demand.
- 6. BLE vulnerability may be exploited to unlock cars, smart locks, building doors, smartphones – Help Net Security
  A Bluetooth Low Energy (BLE) vulnerability discovered by NCC Group researchers may be used by attackers to unlock cars with automotive keyless entry, residential smart locks, building access systems, mobile phones, laptops, and many other devices.
- 7. US warns over the risk of hiring North Korea IT workers
  North Korean information technology (IT) workers are hiding their true identities in order to land jobs and ultimately steal funds to finance the North Korean Government's weapons program.
- 8. Russians allegedly storm Ukrainian ISP, blackmail it to switch to Russian networks
  Ukraine's State Service of Special Communications and Information Protection (SSSCIP) revealed that Russian forces successfully invaded an internet company operating out of Kherson, disconnected all equipment, and threatened to confiscate the equipment if the company refused to connect to Russian networks.
- 9. EMERGENCY DIRECTIVE 22-03 MITIGATE VMWARE VULNERABILITIES
  Threat actors, including likely advanced persistent threat (APT) actors, are exploiting vulnerabilities (CVE-2022-22954 and CVE-2022-22960) in the following VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager.