Cybersecurity News: Microsoft Outlook outage, UK/US ransomware sanctions, Killnet IPs published

Microsoft Outlook outage prevents users from sending, receiving emails

Microsoft is investigating an outage affecting its Outlook webmail service. Some users have reported problems sending, receiving, or searching email through Outlook.com, while others say they have been unable to connect, have seen 500 errors, or have seen no emails after connecting. According to information shared via the Microsoft 365 Status Twitter account, the company is performing targeted restarts to portions of the infrastructure impacted by a recent change.

(Bleeping Computer)

Britain and US make major move against ransomware gangs by sanctioning seven individuals

The UK and the US have sanctioned seven people connected to a single network behind the Conti and Ryuk ransomware gangs and the Trickbot banking trojan. According to The Record, the sanctions are described as “the first major move of a new campaign of concerted action between Britain and the United States, and insiders say that further actions should be expected later this year.” The individuals identified will have their assets frozen and will face travel bans. One member of the group has also been charged by the DOJ with one count of conspiracy to commit bank fraud and eight counts of bank fraud.

(The Record)

Experts publish list of proxy IPs used by Killnet

Researchers at SecurityScorecard published a list of proxy IPs used by the pro-Russia group Killnet in order to interfere with its operation and block its attacks. Killnet, which has been active since March 2022, has launched DDoS attacks against governments and critical infrastructure of countries that expressed support for Ukraine, including hospitals, airports and government agencies. The list of almost 18,000 proxy IPs was published on GitHub and also includes addresses used by other gangs. The intent of publication was to assist organizations in blacklisting them.

(Security Affairs)

OpenSSL fixes multiple new security flaws with latest update

According to The Hacker News, “the OpenSSL Project has released fixes to address several security flaws, including a high-severity bug in the open source encryption toolkit that could potentially expose users to malicious attacks.” Tracked as CVE-2023-0286, this relates to a “case of type confusion that may permit an adversary to read memory contents or enact a denial-of-service,” the maintainers said in an advisory. The vulnerability is connected to the way the popular cryptographic library handles X.509 certificates, and is “likely to impact only those applications that have a custom implementation for retrieving a certificate revocation list (CRL) over a network. The issue has been patched in OpenSSL versions 3.0.8, 1.1.1t, and 1.0.2zg.”

(The Hacker News)

NewsPenguin threat actor emerges with malicious campaign targeting Pakistani entities

NewsPenguin, a relatively unknown threat actor, has been linked to a phishing campaign targeting Pakistani companies and individuals through messaging related to an upcoming international maritime expo. “The attacker sent out targeted phishing emails with a weaponized document attached that purports to be an exhibitor manual for PIMEC-23,” the BlackBerry Research and Intelligence Team said. PIMEC is the acronym for Pakistan International Maritime Expo and Conference. BlackBerry said the attacks are designed to target marine-related entities and event visitors by tricking the message recipients into opening the seemingly harmless Microsoft Word document.

(The Hacker News)

Vulnerability allows hackers to remotely tamper with Dahua security cameras

The vulnerability can be exploited by remote hackers to change the timestamp of videos recorded by Dahua security cameras. Advisories describing the vulnerability, tracked as CVE-2022-30564, were published on Wednesday by both Dahua and India-based cybersecurity company Redinent, which initially discovered it. Through this vulnerability, an attacker with knowledge of working with APIs can modify a device’s system time by sending it a specially crafted packet.

(Security Week)

Twitter outage informs users they are over daily tweet limit

A small number of Twitter users were unable to tweet on Wednesday after the service notified them that they were over the daily limit for sending Tweets. This is seen as a result of deep cuts in Twitter’s workforce, though it is not yet clear if the reduced headcount was to blame for Wednesday’s outage. Some users reported being notified by Twitter that they were over the 2,400-tweet-per-day limit, even if they had not posted on Wednesday.

(BBC News)

ChatGPT frenzy creates knockoffs

In yesterday’s episode of Cybersecurity Headlines we discussed how other tech companies are quickly taking their place on the generative AI bandwagon, especially in China, with Alibaba and Baidu announcing their respective competitors to ChatGPT. But so too have hucksters, who are seeking to take financial advantage of the confusion and novelty of this technology. Writing in TechCrunch, Rita Liao describes “scores of ChatGPT knockoffs that began cropping up on WeChat last week,” many using the word ChatGPT in their names, and one actually called just that, which charged the journalist $4.50 to ask 20 questions on its interface.

(TechCrunch)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.