AnyDesk hack and iPhone patched kernel flaw
Hackers breach AnyDesk production servers to steal private code, CISA warns of active exploitation of patched iPhone kernel flaw and Interpol Synergia operation. Catch all this and more in this week’s edition of Cybersecurity Weekly.
Phishing simulations & training
1. AnyDesk says hackers breached its production servers, mandates password reset
AnyDesk recently confirmed it was hit by a data breach, leading to unauthorized access to its production systems. The remote access solution spotted the hack after noticing unusual activity on its servers. A subsequent security audit revealed hackers managed to steal private code signing keys and source code during the attack. Despite the compromise, AnyDesk assures users that no ransomware was involved and that the software remains safe to use.
2. CISA warns of hackers exploiting patched Apple kernel flaw in new attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a high-severity vulnerability affecting Apple's operating systems. Tracked as CVE-2022-48618, the flaw resides in the kernel component of these systems and might enable attackers to bypass Pointer Authentication. While Apple released critical updates to address the issue in December 2022, users weren’t aware of the flaw and its implications until January 2024.
3. Interpol takes down 1,300 malicious servers in global Synergia operation
Interpol recently shared that its 'Synergia' operation dismantled more than 1,300 servers used for ransomware and malware attacks. In collaboration with 60 law enforcement agencies from 55 countries, the operation also led to the arrest of 31 suspects and the identification of 70 more. Interpol highlighted this achievement as a critical step towards securing the digital space.
4. Nation-state hacker breaches Cloudflare using stolen Okta credentials
Last week, Cloudflare announced a breach where a state-sponsored hacker exploited credentials from last year’s Okta hack to infiltrate its systems. The attacker accessed internal resources but failed to compromise customer data or Cloudflare's core network. In response, the company has rotated more than 5,000 credentials, tightened security measures, and, with CrowdStrike's help, confirmed no further system breaches.
5. PurpleFox malware infects more than 2,000 computers across Ukraine
The Computer Emergency Response Team in Ukraine (CERT-UA) has issued a warning on a PurpleFox malware outbreak, impacting at least 2,000 computers. First seen in 2018, PurpleFox spreads via misleading installers, enabling hackers to drop additional malware, gain remote access, and conduct DDoS attacks. Recently, it masqueraded as a Telegram app to track unknowing victims. CERT-UA advises checking for unusual registry entries, network connections to high ports, and random-named folders for signs of infection.
Phishing simulations & training
In this Series
- AnyDesk hack and iPhone patched kernel flaw
- Canada Flipper Zero ban and new RustDoor macOS malware
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
- Uber data leaked, 48 DDoS-for-hire domains seized and Facebook posts phishing attack
We’ll customize our demo to your
- Security awareness goals
- Existing security and employee training tools
- Industry and compliance requirements
