Sign up to save your podcasts
Or
Share Patched Atlassian, Linux Hit by Lightning, Neopets Nabbed, and more.
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Patched Atlassian, Linux Hit by Lightning, Neopets Nabbed, and more.
A daily look at the relevant information security news from overnight - 21 July, 2022
Episode 270 - 21 July 2022
Patched Atlassian- https://www.bleepingcomputer.com/news/security/atlassian-fixes-critical-confluence-hardcoded-credentials-flaw/
Linux Hit by Lightning -
https://thehackernews.com/2022/07/new-linux-malware-framework-let.html
Renewed Redeemer -
https://www.bleepingcomputer.com/news/security/new-redeemer-ransomware-version-promoted-on-hacker-forums/
Apple Pushed Update- https://www.securityweek.com/apple-ships-urgent-security-patches-macos-ios
Neopets Nabbed -
https://www.bleepingcomputer.com/news/security/neopets-data-breach-exposes-personal-data-of-69-million-members/
Hi, I’m Paul Torgersen. It’s Thursday July 21st, 2022, and from Victoria, this is a look at the information security news from overnight.
From BleepingComputer.com:
Atlassian has patched a critical hardcoded credentials vulnerability in Confluence Server and Data Center that could let remote, unauthenticated attackers log into vulnerable servers. The hardcoded password is added after installing the Questions for Confluence app, for an account with the username disabledsystemuser. It was designed to help admins with the migration of data from the app to the Confluence Cloud.
From TheHackerNews.com:
A never-before-seen malware called Lightning Framework targets Linux machines to install rootkits. The malware has been dubbed a "Swiss Army Knife" and is equipped with a plethora of features, making it one of the most intricate frameworks developed for targeting Linux systems. Details and a link to the research report in the article.
From BleepingComputer.com:
A threat actor is promoting a new version of their free-to-use Redeemer ransomware builder on hacker forums. According to its author, the 2.0 release was written entirely in C++ and works on Windows Vista, 7, 8, 10, and 11. This offers unskilled threat actors an easy entry to the world of encryption-backed extortion attacks. All they pay is 20% of any ransom they manage to collect.
From SecurityWeek.com:
Apple's security response team has pushed out software fixes for at least 39 vulnerabilities impacting macOS Catalina, iOS and iPadOS platforms. The patches provide updates for numerous memory safety flaws, some serious enough to expose users to remote code execution attacks. Apple is urging users to update straight away. Get your patch on kids.
And last today, from BleepingComputer.com:
Neopets has suffered a data breach leading to the theft of source code as well as a database containing the personal information of over 69 million members. A hacker known as 'TarTarX' began selling the source code and database for four bitcoins, about $94,000 at current prices. He did not confirm his attack vector, but it appears he still has active access to the database.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until next tomorrow, be safe out there.
Episode 270 - 21 July 2022
Patched Atlassian- https://www.bleepingcomputer.com/news/security/atlassian-fixes-critical-confluence-hardcoded-credentials-flaw/
Linux Hit by Lightning -
https://thehackernews.com/2022/07/new-linux-malware-framework-let.html
Renewed Redeemer -
https://www.bleepingcomputer.com/news/security/new-redeemer-ransomware-version-promoted-on-hacker-forums/
Apple Pushed Update- https://www.securityweek.com/apple-ships-urgent-security-patches-macos-ios
Neopets Nabbed -
https://www.bleepingcomputer.com/news/security/neopets-data-breach-exposes-personal-data-of-69-million-members/
Hi, I’m Paul Torgersen. It’s Thursday July 21st, 2022, and from Victoria, this is a look at the information security news from overnight.
From BleepingComputer.com:
Atlassian has patched a critical hardcoded credentials vulnerability in Confluence Server and Data Center that could let remote, unauthenticated attackers log into vulnerable servers. The hardcoded password is added after installing the Questions for Confluence app, for an account with the username disabledsystemuser. It was designed to help admins with the migration of data from the app to the Confluence Cloud.
From TheHackerNews.com:
A never-before-seen malware called Lightning Framework targets Linux machines to install rootkits. The malware has been dubbed a "Swiss Army Knife" and is equipped with a plethora of features, making it one of the most intricate frameworks developed for targeting Linux systems. Details and a link to the research report in the article.
From BleepingComputer.com:
A threat actor is promoting a new version of their free-to-use Redeemer ransomware builder on hacker forums. According to its author, the 2.0 release was written entirely in C++ and works on Windows Vista, 7, 8, 10, and 11. This offers unskilled threat actors an easy entry to the world of encryption-backed extortion attacks. All they pay is 20% of any ransom they manage to collect.
From SecurityWeek.com:
Apple's security response team has pushed out software fixes for at least 39 vulnerabilities impacting macOS Catalina, iOS and iPadOS platforms. The patches provide updates for numerous memory safety flaws, some serious enough to expose users to remote code execution attacks. Apple is urging users to update straight away. Get your patch on kids.
And last today, from BleepingComputer.com:
Neopets has suffered a data breach leading to the theft of source code as well as a database containing the personal information of over 69 million members. A hacker known as 'TarTarX' began selling the source code and database for four bitcoins, about $94,000 at current prices. He did not confirm his attack vector, but it appears he still has active access to the database.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until next tomorrow, be safe out there.
View all episodes
By Paul TorgersenA daily look at the relevant information security news from overnight - 21 July, 2022
Episode 270 - 21 July 2022
Patched Atlassian- https://www.bleepingcomputer.com/news/security/atlassian-fixes-critical-confluence-hardcoded-credentials-flaw/
Linux Hit by Lightning -
https://thehackernews.com/2022/07/new-linux-malware-framework-let.html
Renewed Redeemer -
https://www.bleepingcomputer.com/news/security/new-redeemer-ransomware-version-promoted-on-hacker-forums/
Apple Pushed Update- https://www.securityweek.com/apple-ships-urgent-security-patches-macos-ios
Neopets Nabbed -
https://www.bleepingcomputer.com/news/security/neopets-data-breach-exposes-personal-data-of-69-million-members/
Hi, I’m Paul Torgersen. It’s Thursday July 21st, 2022, and from Victoria, this is a look at the information security news from overnight.
From BleepingComputer.com:
Atlassian has patched a critical hardcoded credentials vulnerability in Confluence Server and Data Center that could let remote, unauthenticated attackers log into vulnerable servers. The hardcoded password is added after installing the Questions for Confluence app, for an account with the username disabledsystemuser. It was designed to help admins with the migration of data from the app to the Confluence Cloud.
From TheHackerNews.com:
A never-before-seen malware called Lightning Framework targets Linux machines to install rootkits. The malware has been dubbed a "Swiss Army Knife" and is equipped with a plethora of features, making it one of the most intricate frameworks developed for targeting Linux systems. Details and a link to the research report in the article.
From BleepingComputer.com:
A threat actor is promoting a new version of their free-to-use Redeemer ransomware builder on hacker forums. According to its author, the 2.0 release was written entirely in C++ and works on Windows Vista, 7, 8, 10, and 11. This offers unskilled threat actors an easy entry to the world of encryption-backed extortion attacks. All they pay is 20% of any ransom they manage to collect.
From SecurityWeek.com:
Apple's security response team has pushed out software fixes for at least 39 vulnerabilities impacting macOS Catalina, iOS and iPadOS platforms. The patches provide updates for numerous memory safety flaws, some serious enough to expose users to remote code execution attacks. Apple is urging users to update straight away. Get your patch on kids.
And last today, from BleepingComputer.com:
Neopets has suffered a data breach leading to the theft of source code as well as a database containing the personal information of over 69 million members. A hacker known as 'TarTarX' began selling the source code and database for four bitcoins, about $94,000 at current prices. He did not confirm his attack vector, but it appears he still has active access to the database.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until next tomorrow, be safe out there.
Episode 270 - 21 July 2022
Patched Atlassian- https://www.bleepingcomputer.com/news/security/atlassian-fixes-critical-confluence-hardcoded-credentials-flaw/
Linux Hit by Lightning -
https://thehackernews.com/2022/07/new-linux-malware-framework-let.html
Renewed Redeemer -
https://www.bleepingcomputer.com/news/security/new-redeemer-ransomware-version-promoted-on-hacker-forums/
Apple Pushed Update- https://www.securityweek.com/apple-ships-urgent-security-patches-macos-ios
Neopets Nabbed -
https://www.bleepingcomputer.com/news/security/neopets-data-breach-exposes-personal-data-of-69-million-members/
Hi, I’m Paul Torgersen. It’s Thursday July 21st, 2022, and from Victoria, this is a look at the information security news from overnight.
From BleepingComputer.com:
Atlassian has patched a critical hardcoded credentials vulnerability in Confluence Server and Data Center that could let remote, unauthenticated attackers log into vulnerable servers. The hardcoded password is added after installing the Questions for Confluence app, for an account with the username disabledsystemuser. It was designed to help admins with the migration of data from the app to the Confluence Cloud.
From TheHackerNews.com:
A never-before-seen malware called Lightning Framework targets Linux machines to install rootkits. The malware has been dubbed a "Swiss Army Knife" and is equipped with a plethora of features, making it one of the most intricate frameworks developed for targeting Linux systems. Details and a link to the research report in the article.
From BleepingComputer.com:
A threat actor is promoting a new version of their free-to-use Redeemer ransomware builder on hacker forums. According to its author, the 2.0 release was written entirely in C++ and works on Windows Vista, 7, 8, 10, and 11. This offers unskilled threat actors an easy entry to the world of encryption-backed extortion attacks. All they pay is 20% of any ransom they manage to collect.
From SecurityWeek.com:
Apple's security response team has pushed out software fixes for at least 39 vulnerabilities impacting macOS Catalina, iOS and iPadOS platforms. The patches provide updates for numerous memory safety flaws, some serious enough to expose users to remote code execution attacks. Apple is urging users to update straight away. Get your patch on kids.
And last today, from BleepingComputer.com:
Neopets has suffered a data breach leading to the theft of source code as well as a database containing the personal information of over 69 million members. A hacker known as 'TarTarX' began selling the source code and database for four bitcoins, about $94,000 at current prices. He did not confirm his attack vector, but it appears he still has active access to the database.
That’s all for me today. Have a great rest of your day. Like and subscribe, and until next tomorrow, be safe out there.