HK Cyber Alerts - DIGITPOL

HKCERT News

Russia says US hacked thousands of iPhones in iOS zero-click attacks June 1, 2023
Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits. Russia blames these attacks on US intelligence agencies. […]
New Horabot campaign takes over victim's Gmail, Outlook accounts June 1, 2023
A previously unknown campaign involving the Hotabot botnet malware has targeted Spanish-speaking users in Latin America since at least November 2020, infecting them with a banking trojan and spam tool. […]
Harvard Pilgrim Health Care ransomware attack hits 2.5 million people June 1, 2023
Harvard Pilgrim Health Care (HPHC) has disclosed that a ransomware attack it suffered in April 2023 impacted 2,550,922 people, with the threat actors also stealing their sensitive data from compromised systems. […]
Terminator antivirus killer is a vulnerable Windows driver in disguise May 31, 2023
A threat actor known as Spyboy is promoting a Windows defense evasion tool called "Terminator" on the Russian-speaking forum RAMP (short for Russian Anonymous Marketplace). […]
Hackers exploit critical Zyxel firewall flaw in ongoing attacks May 31, 2023
Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install malware. […]
Sports Warehouse Fined $300,000 Over Payment Card Data Theft May 28, 2023
Investigators found that the retailer was storing nearly 20 years' worth of payment card data on its e-commerce server in plaintext format, protected by only a password, which the attacker guessed.
QBot malware abuses Windows WordPad EXE to infect devices May 28, 2023
The QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program to infect computers, using the legitimate program to evade detection by security software.
Microsoft finds macOS bug that lets hackers bypass SIP root restrictions May 28, 2023
Apple has recently addressed a vulnerability that lets attackers with root privileges bypass System Integrity Protection (SIP) to install "undeletable" malware and access the victim's private data by circumventing Transparency, Consent, and Control (TCC) security checks.
MCNA Dental data breach impacts 8.9 million people after ransomware attack May 28, 2023
Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. […]
Android apps with spyware installed 421 million times from Google Play May 28, 2023
A new Android malware distributed as an advertisement SDK has been discovered in multiple apps, many previously on Google Play and collectively downloaded over 400 million times.

HKCERT

Ubuntu Linux Kernel Multiple Vulnerabilities June 2, 2023
Multiple vulnerabilities were identified in Ubuntu Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system. Impact Denial of Service Remote Code Execution Information Disclosure System / Technologies affected Ubuntu 20.04 LTS Ubuntu 22.04 LTS Ubuntu 22.10 Solutions […]
RedHat Linux Kernel Multiple Vulnerabilities June 2, 2023
Multiple vulnerabilities were identified in RedHat Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and remote code execution on the targeted system. Impact Denial of Service Remote Code Execution System / Technologies affected Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64 Red Hat […]
[Security Blog] IoT Security in the Digital Age: Protecting Your Connected World June 1, 2023
The Internet of Things (IoT) refers to an interconnected system that includes physical devices, vehicles, buildings, and other objects embedded with sensors, software, and network connectivity, allowing them to collect and exchange data. The goal of IoT is to create a...
Google Chrome Multiple Vulnerabilities May 31, 2023
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of service, remote code execution and data manipulation on the targeted system. Impact Denial of Service Remote Code Execution Data Manipulation System / Technologies affected Google Chrome prior to 114.0.5735.90 (Linux) Google Chrome prior to 114.0.5735.90 […]
NetApp Products Multiple Vulnerabilities May 30, 2023
Multiple vulnerabilities were identified in NetApp Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and data manipulation on the targeted system. Impact Denial of Service Information Disclosure Data Manipulation System / Technologies affected Active IQ Unified Manager for Linux Active IQ Unified Manager for Microsoft […]
GitLab Information Disclosure Vulnerabilities May 25, 2023
A vulnerability was identified in GitLab. A remote attacker could exploit this vulnerability to trigger information disclosure on the targeted system. Impact Information Disclosure System / Technologies affected GitLab Community Edition (CE) version 16.0.0 GitLab Enterprise Edition (EE) version 16.0.0 Solutions Before installation of the software, please visit the vendor web-site for more details. Apply […]
Apache Tomcat Multiple Vulnerabilities May 23, 2023
Multiple vulnerabilities were identified in Apache Tomcat, a remote attacker could exploit some of these vulnerabilities to trigger denial of service and security restriction bypass on the targeted system. Impact Denial of Service Security Restriction Bypass System / Technologies affected Apache Tomcat version 8.5.85 to 8.5.87 Apache Tomcat version 9.0.71 to 9.0.73 Apache Tomcat version 10.1.5 to […]
NetApp Products Multiple Vulnerabilities May 19, 2023
Multiple vulnerabilities were identified in NetApp Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and data manipulation on the targeted system. Impact Denial of Service Information Disclosure Data Manipulation System / Technologies affected Astra Trident Astra Trident Autosupport NetApp HCI Baseboard Management Controller (BMC) - […]
Microsoft Edge Multiple Vulnerabilities May 19, 2023
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger information disclosure, denial of service and remote code execution on the targeted system. Impact Remote Code Execution Information Disclosure Denial of Service System / Technologies affected Microsoft Edge prior to 113.0.1774.50 Solutions Before installation of the software, […]
Apple Products Multiple Vulnerabilities May 19, 2023
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system. Note: CVE-2023-... Impact Denial of Service Elevation of Privilege Remote Code Execution Information Disclosure Security […]

