Cyber Security Today, Week in Review for Friday Dec. 9, 2022
This episode features a discussion on the ransomware attack on Rackspace, the hack of Amnesty International Canada and a report on how threat actors are trying to get around multifactor auth
Cyber Security Today, Week in Review for Friday Dec. 9, 2022
This episode features a discussion on the ransomware attack on Rackspace, the hack of Amnesty International Canada and a report on how threat actors are trying to get around multifactor auth
Some models of Cisco IP phones have high-severity vulnerability
Cisco says firmware fix won’t be available until
Twitter to charge $11 monthly for Twitter Blue on iOS
Twitter’s proposed Twitter blue service, which was supposed to cost $8 per month, is reportedly going to cost $11 per month on iPhone in order to account for Apple’s 30% cut on in-app purchases, according to The Information. According to the report, the subscription plan will cost $7 per month if purchased online. However, it […]
Instagram now lets users see if their posts are being blocked
Instagram will now allow creators and businesses to see if their posts are not being recommended to other users and are being blocked from the platform’s recommendation and discovery features. Creators and businesses can see if their posts are being blocked from appearing in the app’s recommendations, such as at the bottom of Feed or […]
CommonSpirit ransomware attack exposes the personal information of over 623,000 patients
A ransomware attack in October accessed 623,774 patients’ patient information, according to Chicago-based CommonSpirit Health. Beginning in early October, the cyberattack caused significant IT outages and consultation instabilities across the health system’s nationwide network of hospitals. This figure was made public on the U.S. Department of Health breach portal, where healthcare organizations are required by […]
MuddyWater threat actors send MSP remote access tool via hacked corporate email accounts
As part of a new spear-phishing campaign, the Iran-linked MuddyWater threat actor has been recognized trying to target numerous countries in the Middle East, as well as Central and West Asia. The group sends phishing messages to their targets via compromised corporate email accounts. MuddyWater has previously used legitimate remote administration tools in its hacking […]
Cyber Security Today, Dec. 9, 2022 – Toronto Pwn2Own contest awards close to US$1 million in prizes, and more
This episode reports on another vulnerability found in Internet Explorer, a hack gets past Microsoft 365 and a vulnerability in web application
Salesforce could lay off more employees
Salesforce employees are growing increasingly concerned about what appears to be an impending layoff of staff, despite having laid off hundreds of people this year as the onslaught of tech layoffs continued unabated. Rumors are circulating within the company that more layoffs could occur as early as this month. “People are afraid it could happen […]
Hackers exploits Internet Explorer zero-day vulnerability
According to Google’s Threat Analysis Group, North Korean state-sponsored hackers used a previously unknown zero-day vulnerability in Internet Explorer known as CVE-2022-41128 (CVSS score of 8.8) in one of Windows JavaScript scripting languages, JScript9, the JavaScript engine used in IE11, to target South Korean users with malware. The flaw affected Windows 7 through Windows 11, […]
