The lesser-known Stonefly APT has partnered with the Lazarus group to stir up the infamous ‘Operation Dream Job’ campaign. Researchers claim that the North Korea-based hacking group is exploiting the Log4Shell vulnerability to mount espionage attacks against highly specialized engineering companies and steal their sensitive intellectual property. Meanwhile, a new malware dubbed BrownFlood has surfaced, targeting at least 36 Ukrainian websites in an ongoing DDoS attack spree.
In other news, Cisco and QNAP have urged organizations to apply security patches for critical vulnerabilities affecting their products.
Top Breaches Reported in the Last 24 Hours
Deus Finance confirms hack
Decentralized finance platform Deus Finance confirmed reports of a hack that allowed the attackers to steal more than $13 million from the platform. A variant of a flash loan attack was used to pilfer funds from users’ wallets.
Ongoing DDoS attacks
Top Vulnerabilities Reported in the Last 24 Hours
Cisco patches 11 flaws
Cisco announced the release of security patches for 11 high-severity vulnerabilities affecting its Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC). The most severe of these is tracked as CVE-2022-20746 and can be exploited by sending a crafted stream of TCP traffic through an affected device.
Microsoft patches a flaw in Azure PostgreSQL
Microsoft has patched a security weakness in Azure PostgreSQL that could have been exploited to execute malicious code. Described as a cross-account database vulnerability, the flaw could be exploited to gain read access to PostgreSQL databases without authorization. Microsoft has confirmed that there is no evidence of exploitation of the flaw in the wild.
Vulnerabilities affecting Netatalk
Synology and QNAP advised users of their NAS devices to patch several critical vulnerabilities affecting Netatalk, an open-source implementation of the Apple Filing Protocol (AFP). The flaws in question are CVE-2022-0194, CVE-2022-23122, CVE-2022-23125, CVE-2022-23123, CVE-2022-23124, CVE-2022-23121, and CVE-2021-31439. They have been patched in Netatalk v3.1.1.
Top Scams Reported in the Last 24 Hours
Phishers hijack Facebook user profiles
Researchers uncovered multiple Facebook pages claiming to be account recovery service pages. The hijacked pages belonged to musicians, products, and businesses. Once the phishers took over a page, they changed its name, profile picture, and other identifying details to make it look like a support page.