Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Popular food delivery service, Weee!, has suffered a large scale data breach, that has compromised the personal data of more than 1.1 million customers. The stolen data includes names, email addresses, phone numbers, device types, order notes and more. Weee! Offers their services across 48 US states, making the impact of this attack quite widespread. It was confirmed that no payment card information or credentials were exposed in this breach.
If you are a user of the Weee! Service, you can check if you have been affected by this attack here.
By BleepingComputer.com
SonicWall have issued a warning to their users regarding the recent 22H2 update for Windows 11. Those who have completed the latest update may experience issues with the Web Content Filtering feature of their EDR, Capture Client. Capture Client users may experience “limitations” with the product, until a fix is released. For now, the only workaround for the issue is to “not be upgraded to version 22H2 until Capture Client 3.7.7 for Windows is available.”.
More details on the nature of this issue can be found here.
By BleepingComputer.com
Russian hackers are using Graphiron Malware to steal data from Ukraine. A threat actor linked to Russia has been observed deploying a new information-stealing malware in cyber attacks. The Symantec Threat Hunter Team said in a report “The malware is written in Go and is designed to harvest a wide range of information from the infected computer, including system information, credentials, screenshots, and files,". The group is known as Nodaria, which is tracked by Computer Emergency Response Team of Ukraine. Nodaria started getting attention in January 2022, calling attention to the adversary’s use of SaintBot and OutSteel malware in spear-phishing attacks.
By thehackernews.com
An Australian man has been sentenced to 18-month community correction order and 100 hours of community service for scam related to Optus hack. The hacker managed to steal 9.8 million customer’s personal information including, names, birth dates, physical and email addresses, and phone numbers. For 2.1 million customers, numbers associated with identification documents were also compromised. The attackers leaked the personal information of roughly 10,000 individuals. The attackers asked for a ransom of £1 million in cryptocurrency. If this was not paid, then they would leak more information.
By securityweek.com
A jailbreak trick breaks ChatGPT content safeguards. Already, users have found a way to work around ChatGPT’s Programming Controls. This is supposed to restrict it from creating certain content deemed too violent, illegal, and more. According to a report by CNBC, The Prompt called DAN (Do Anything Now) uses ChatGPT’s token system against it. Although DAN isn’t successful all of the time, a subreddit devoted to the DAN prompt’s ability to work around ChatGPT’s content policies has already made it to 200,000 subscribers.
By darkreading.com
VMWare is warning its users of a recent vulnerability in its ESXi hypervisor. This advisory however was not regarding a new flaw, but a previously disclosed one that attackers are now exploiting to deploy ransomware. The company has provided users with guidance on how to protect against an attack, and how to recover if you have been hit already. These attacks are specifically targeting devices that have not been updated, so we strongly urge all EXSi hypervisor users to apply the latest updates as soon as possible.
By zdnet.com
And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #222 – 10th February 2023
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
