Weekly Security Wrap-Up (March 8th, 2022)

  • Anonymous
  • 0 replies

Hi, everybody - and Happy International Women’s Day! As someone who was #RaisedByLadies, this one’s near and dear to my heart. I think Adam “MCA” Yauch said it best, way back when I was in high school: 
I want to say a little something that's long overdue
The disrespect to women has got to be through
To all the mothers and the sisters and the wives and friends
I want to offer my love and respect to the end” 
 - “Sure Shot”, 1994 :metal:


On to some security news!

Zero-Click Flaws in Widely Used UPS Devices Threaten Critical Infrastructure

From the article: “Three critical security vulnerabilities in widely used smart uninterruptible power supply (UPS) devices could allow for remote takeover, meaning that malicious actors could cause business disruptions, data loss and even physical harm to critical infrastructure, researchers have found.” The words “critical infrastructure” are sadly gonna be the summer hit of 2022, I’ve got $5 on it.

Google: Chinese hackers target Gmail users affiliated with US govt

As things heat up, some Gmail users have been targeted in phishing scams. From the article: “Google's Threat Analysis Group has warned multiple Gmail users that they were targeted in phishing attacks conducted by a Chinese-backed hacking group tracked as APT31. The warnings came after Gmail's defenses automatically blocked all these phishing emails after tagging them as spam.

DDoS attacks now use new record-breaking amplification vector

Well, this isn’t great. Actors are exploiting a known CVE to “amplify” their DDoS attacks. That’s kind of crazy. From the article: “For this new DDoS method, threat actors are abusing a vulnerability tracked as CVE-2022-26143 in a driver used by Mitel devices that incorporate the TP-240 VoIP interface, such as MiVoice Business Express and MiCollab...The abused service on affected Mitel systems is called tp240dvr (“TP-240 driver”) and runs as a software bridge to facilitate interactions with the TP-240 VoIP processing interface cards,” Akamai explains in its report on the vulnerability.”





0 replies

Be the first to reply!