Urlscan, BYODC, Indirect Branch Tracking, Don’t Hack Me Bro, & Fizzling Out Security – PSW #763
In the Security News: submerged under blankets in a popcorn tin is where they found it, Indirect Branch Tracking, don't hack me bro, we're here from the government to scan your systems, Fizzling out security, static and dynamic analysis for the win, BYODC, Bring your own domain controller, application context matters, if you want an update better have an Intel CPU, one-time programs, urlscan is leaking, hacking load balancers, and it's all about the company you keep.
- 1. FBI Report: Hacktivists Use of DDoS Activity Causes Minor Impacts
The US Federal Bureau of Investigation (FBI) has published a Private Industry Notification warning that hacktivists are launching distributed denial-of-service (DDoS) attacks. The document includes recommendations for mitigating the effect of the attacks. Targets have included financial institutions, emergency services, airports, and healthcare-related facilities.
- 2. Cyberattack at Boeing Disrupts Flight Planning
Boeing subsidiary Jeppesen has “experienced a cyber incident affecting certain flight planning products and services.” The incident began on November 2; Jeppesen says that as of November 5, notice to air mission (NOTAM) bulletins were reactivated in their hosting environment.
- 3. Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
Researchers from Phylum have found nearly 30 malicious packages in Python Package Index (PyPI) that attempt to infect developers’ systems with the W4SP Stealer Trojan. The packages are clones of popular software packages with names that make them seem legitimate. The malicious packages have been downloaded 5,700 times.
The attackers used various techniques to import their Trojan, modifying the __init__.py or setup.py script in ways that are subtle and hard to spot. The import statement creates a temporary file, which is executed and downloads obfuscated code from multiple sites. That code contains a compressed object that is the W4SP Stealer itself, which is designed to steal information from users’ systems, including browser passwords, crypto wallets, and interesting files with financial information.
- 4. Microsoft Digital Defense Report 2022
Microsoft’s Digital Defense Report 2022 addresses the state of cybercrime, nation state threats, devices and infrastructure, cyber influence operations, and cyber resilience.
- 5. Google Patches High-Severity Privilege Escalation Vulnerabilities in Android
Rolling out this week, Android’s November 2022 security updates patch over 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.
- 6. Nigerian scammer sentenced to 11 years in US prison
A Nigerian influencer who attracted millions of followers on Instagram by showing off luxury cars and high-end clothing was sentenced on Monday to 11 years in prison for his role in business email compromise schemes and money laundering.
- 7. Microsoft November 2022 Patch Tuesday fixes 6 exploited zero-days, 68 flaws
Today is Microsoft's November 2022 Patch Tuesday, and with it come fixes for six actively exploited Windows vulnerabilities and a total of 68 flaws. Odds are the updates were already pushed - remember to reboot so any open/busy files are replaced.