AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 07/12/2023

Apple releases, quickly pulls Rapid Security Response update for 0-day WebKit bug 

Yesterday, Apple published a new Rapid Security Response update for iOS 16, iPadOS 16, and macOS Ventura to patch yet another actively exploited WebKit code execution bug. But shortly after installation, users began having issues accessing certain websites, and Apple has apparently pulled the update to fix the problem. According to MacRumors, affected sites include Facebook, Instagram, WhatsApp, and Zoom, which began showing warning messages about not being supported following the update. 


Mastodon Patches 4 Bugs, but Is the Twitter Killer Safe to Use? 

Four vulnerabilities in the microblogging platform Mastodon were patched late last week, sparking new questions about the decentralized platform’s security, with overtones of the open source debates of yesteryear. Security advisories published to GitHub by Mastodon founder Eugen Rochko included cross-site scripting (XSS), arbitrary file creation, and denial-of-service (DoS) vulnerabilities, as well as a weakness enabling attackers to arbitrarily hide parts of URLs. Using the CVSS standard, the bugs were assigned scores ranging from 5.4 (moderate) to 9.9 out of 10 (critical). 


Microsoft patches 4 actively exploited zero-day bugs, working on a 5th 

Microsoft is working to patch an actively exploited remote code execution (RCE) bug, affecting a range of Windows and Office products, that was used to target attendees at this week’s NATO Summit in Lithuania. The disclosure was part of a busy July Patch Tuesday release for Microsoft that warned of 6 zero-days and 132 flaws. The intended victims of one of the July RCE bugs are believed to be NATO summit attendees sympathetic to Ukraine’s ambitions to join NATO. Those attendees, researchers said, were targeted in a spear phishing campaign designed to exploit the Microsoft vulnerability via the malware dubbed RomCom – malicious code that enables an adversary to execute code remotely on targeted systems. 


Chinese hackers raided US government email accounts by exploiting Microsoft cloud bug 

Chinese hackers exploited a flaw in Microsoft’s cloud email service to gain access to the email accounts of U.S. government employees, the technology giant has confirmed. The hacking group, tracked as Storm-0558, compromised approximately 25 email accounts, including government agencies, as well as related consumer accounts linked to individuals associated with these organizations, according to Microsoft. “Storm” is a nickname used by Microsoft to track hacking groups that are new, emerging or “in development.” Microsoft has not identified the government agencies targeted by Storm-0558. However, Adam Hodge, a spokesperson for the White House’s National Security Council, confirmed to TechCrunch that U.S. government agencies were affected. 


Deutsche Bank, ING, and Postbank Customers' Data Exposed in Breach 

Deutsche Bank, ING Bank, Postbank, and Comdirect recently announced they suffered customer data leaks. Reportedly, the four European banking giants were using the same third-party business vendor, which fell victim to a MOVEit data-theft attack. On July 3rd, Deutsche Bank and Postbank notified their customers about the data leak. The notice revealed that the threat actors succeeded in exploiting a vulnerability in the software of a third-party vendor they did not name. According to Deutsche Bank, the incident didn't affect their systems. So, it appears that hackers did not have direct access to the accounts. 
