Cybersecurity Weekly: Fake NFT scam, Atlassian flaw, security analyst interview questions
An NFT collector was tricked into buying fake Banksy. An Atlassian Confluence flaw is being actively exploited to install cryptominers. 8 must-ask security analyst interview questions. All this, and more, in this week’s edition of Cybersecurity Weekly.
1. NFT collector tricked into buying fake Banksy
An attacker was apparently able to breach the site for famed street artist Banksy and sell a fake non-fungible token of the artist’s work for more than $336,000. The fraudster has since returned the stolen cash, less a transaction fee, but the incident delivered an invaluable lesson on a whole new emerging cybersecurity threat: NFTs.
2. Atlassian Confluence flaw actively exploited to install cryptominers
On August 25th, Atlassian issued a security advisory for a Confluence remote code execution vulnerability, allowing an unauthenticated attacker to remotely execute commands on a vulnerable server. All versions of Confluence Server and Data Center prior to the fixed versions listed above are affected by this vulnerability.
3. 8 must-ask security analyst interview questions
Demand for the security analyst role is higher than ever, a trend that is likely to continue, with the US Bureau of Labor Statistics projecting that employment for security analysts will grow 31% from 2019-2029. Here are 8 interview questions to master before landing your security analyst position.
4. WhatsApp photo filter bug could have exposed data to remote attackers
A now-patched high-severity security vulnerability in WhatApp's image filter feature could have been abused to send a malicious image over the messaging app to read sensitive information from the app's memory. WhatsApp said it has no reason to believe users would have been impacted by this bug.
5. E-Learning platforms: The new academy for business training and education
Education for businesses, just like education in general, has undergone a dramatic transformation in the last year toward e-learning. The advantages of fast and cost-effective knowledge transfer, to and from anywhere in the world, make good business sense.
6. Cisco issues patch for critical enterprise NFVIS flaw
Cisco patched a critical security vulnerability impacting its Enterprise Network Function Virtualization Infrastructure Software that could be exploited by an attacker to take control of an affected system. The company is aware of a publicly available proof-of-concept exploit code targeting the vulnerability, but added it's not detected any successful attacks in the wild.
7. FIN7 hackers using Windows 11 themed documents to drop JavaScript backdoor
A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale service provider located in the U.S. The attacks have been attributed with moderate confidence to a financially motivated threat actor dubbed FIN7.
8. FBI warns of ransomware attacks targeting food and agriculture sector
The FBI sent out a notice warning companies in the the food and agriculture sector to watch out for ransomware attacks aiming to disrupt supply chains. The FBI note said ransomware groups are seeking to disrupt operations, cause financial loss and negatively impact the food supply chain.
9. Bluetooth BrakTooth bugs could affect billions of devices
Vulnerabilities collectively referred to as BrakTooth are affecting Bluetooth stacks implemented on system-on-a-chip circuits from over a dozen vendors. The set of issues impact a wide variety of devices, from consumer electronics to industrial equipment. The associated risk ranges from denial-of-service and deadlocked condition of the device to arbitrary code execution.
10. Gift card gang extracts cash from 100,000 inboxes daily
A new cybercrime group has been uncovered that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online.
In this Series
- Cybersecurity Weekly: Fake NFT scam, Atlassian flaw, security analyst interview questions
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
