- 1. Statement from CISA Director Easterly on “Log4j” Vulnerability
CISA Director Jen Easterly said, “We have added this vulnerability to our catalog of known exploited vulnerabilities, which compels federal civilian agencies -- and signals to non-federal partners -- to urgently patch or remediate this vulnerability.”
CVE-2021-44228 or Log4Shell has us all busy.
- 2. Apple Releases Security Updates for Multiple OSs
Apple has released updates for multiple operating systems, including macOS, iOS, watchOS, iPadOS, and tvOS. The new iOS and iPadOS updates address 42 CVEs and add new features, including Apple Music Voice Plan, “App Privacy Report” and new “communication safety” settings intended to notify parents when their children receive or send photos that contain nudity.
- 3. Mozilla Patches High-Severity Vulnerabilities in Firefox, Thunderbird
Mozilla this week released security updates for the Firefox browser and Thunderbird mail client to address multiple vulnerabilities, including several high-severity bugs.
- 4. Google pushes emergency Chrome update to fix zero-day used in attacks
- 5. ‘Karakurt’ Extortion Threat Emerges, But Says No to Ransomware
Researchers say the financially motivated "Karakurt" threat group, which is focused on data exfiltration and follow-up extortion, has already targeted some 40 victims since September 2021 but has shown no interest in deploying ransomware on targeted systems or taking high-profile targets down.
Rather than deploying Cobalt Strike, the group "persisted within the victim's network via the VPN IP pool or installed AnyDesk to allow external remote access to compromised devices."
The threat group claims that it "… do[es] not try to harm your processes, delete your data, destroy your business, at least until you yourself give us a reason."
- 6. China continues to exploit US universities to bolster military modernization: Report
The Foundation for Defense of Democracies released a report asserting that China is exploiting its existing relationship with U.S. universities to steal sensitive data and technology that it will ultimately use to "achieve military dominance."
China operates more than 200 talent recruitment plans, the most prominent of which is the Thousand Talents Plan (TTP) established in 2008.
- 7. University Targeted Credential Phishing Campaigns Use COVID-19, Omicron Themes
Proofpoint observed COVID-19 themes impacting education institutions throughout the pandemic, but consistent, targeted credential theft campaigns using such lures targeting universities began in October 2021. Following the announcement of the new Omicron variant in late November, the threat actors began leveraging the new variant in credential theft campaigns.