Welcome to Ironshare’s Cyber Round-up, where we look back at the events of the last week to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Players of the hugely popular tactical shooter, Counter-Strike 2, were warned to avoid playing following the discovery of a serious security flaw. This vulnerability was found in the game’s Panorama user interface and allows the game’s input fields to accept HTML code.
If exploited successfully, an attacker could inject HTML content into the game client, opening the possibility for a number of attacks, including remote IP logging, DDoS attacks, impacting the network performance of players, and more.
Valve recognised this as a serious issue and released a hotfix patch quickly. “Post-update, any HTML content inputted by players will now be sanitized to regular strings.”
By bitdefender.com
The healthcare industry was one of the primary targets for cybercriminals in 2023, with a documented 273% increase in large cyberattacks involving ransomware. In response to this recent surge in attacks, the White House is in talks with the Department of Health and Human Services, with plans to “develop minimum standards to protect the healthcare sector from ransomware, and other malicious cyber activity”.
The department has outlined this new cyber framework in a recent concept paper that aims to lay out goals, support, and accountability measures for hospitals.
Healthcare services have been far too easy to exploit this year, and there is a clear lack of protection in place. This plan from the White House will hopefully improve security for this critical sector and help keep hospitals and other facilities operational and secure.
By cybersecuritydive.com
Two WordPress plugins, Elementor and Backup Migration, are currently vulnerable to severe remote code execution flaws.
Elementor is a popular website builder plugin with more than 5 million active installations. Versions 3.17.3 and earlier are currently affected by an authenticated arbitrary file upload flaw that allows any attacker with edit post permissions to remotely execute arbitrary code. A full patch for this vulnerability was rolled out in v3.18.2.
Backup Migration allows backups to be created of WordPress sites and has over 90,000 active installations. Tracked as CVE-2023-6553, with a CVSS of 9.8, this vulnerability resides in the /includes/backup-heart.php file that the plugin uses and could allow an unauthenticated attacker to submit specially-crafted requests to remotely execute arbitrary code on the server hosting the affected WordPress instance. Version 1.3.7 and all prior versions are currently affected by this vulnerability; we advise site admins to update to version 1.3.8 of the Backup Migration plugin as soon as possible.
By securityweek.com
Insomniac Games, the studio behind the Spider-Man video games, claims to have suffered a serious ransomware attack.
The ransomware gang, Rhysida, has claimed responsibility for the attack, and has reportedly stolen “exclusive, unique, and impressive data” from the developers, with screenshots including confidential internal emails, copies of passports and personal ID cards, and images of game assets or gameplay.
Rhysida has requested a payment of 50 BTC, around £1.7 million, to be paid by the 20th of December. It is currently unknown whether Insomniac plan to pay the ransom, but their data will be made available for bidding on a dark web forum if Rhysida’s demands are not met by the deadline.
By cybernews.com
A bug in Google Drive has reportedly caused many users’ files to disappear. Reports have suggested that this bug only affects files uploaded after May 2023, but until now there has been seemingly no way to recover lost files.
Google reported that the bug was the result of synchronisation issues and only affected “a limited subset” of individuals using the desktop Drive app versions v84.0.0.0 - 84.0.4.0.
"This issue did not impact any file changes that had already synced and were visible on the Drive mobile app or within the Drive UI on the web."
The fix offered by Google allows users to recover their lost files from backups; however, some users have reported that this was unsuccessful, leaving them unable to retrieve their lost documents.
By bleepingcomputer.com
With 38 vulnerabilities addressed this month, Microsoft’s December Patch Tuesday is the smallest release of the year. This batch of security updates is made up of 7 critical and 31 important vulnerabilities, one of which was publicly disclosed. While no flaws are being actively exploited, we advise reading this round-up of Microsoft’s Patch Tuesday and applying updates as soon as possible.
And that’s it for this week’s round-up. Please do check in next week for our new batch of security news and posts.
Stay Safe, Secure and Healthy!
Edition #262 – 15th December 2023
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.