Blacksite’s Intelligence Report – Week of April 18th, 2022
The Blacksite Weekly Intelligence Report
Microsoft Office 2013 Ends Support in April 2023
Microsoft reminded customers earlier this week that Microsoft Office 2013 is approaching its end of support next year. Microsoft told customers to switch to a newer version to reduce their exposure to security risks. Microsoft also reminded customers that multiple editions of Windows 10 20H2 and Windows 10 1909 are reaching EOS in May 2022 and several versions on April 26. Microsoft 365 Apps is the subscription version of Office LTSC 2021 that comes with many Microsoft 365 enterprise plans and it allows endpoint users to install full versions of Office apps on multiple.
More information: https://support.microsoft.com/en-us/office/end-of-support-for-office-2013-90e4b0d1-098f-4656-b6e7-8b13b67ed62f
Cisco Vulnerability Gives Login Credentials
Cisco has released a security advisory to warn about a critical vulnerability (CVSS v3 score: 10.0), tracked as CVE-2022-20695. The bug involves the improper implementation of the password validation algorithm, making it possible to bypass the standard authentication procedure on non-default device configurations. The affected products are: Wireless LAN Controllers (WLC). Cisco is not aware of the vulnerability being under active exploitation.
More information: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF
Hackers Breached Various Organizations Through Stolen OAuth Access Tokens
GitHub says it discovered evidence of an attacker capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations. OAuth access tokens are often used by apps and services to authorize access to specific parts of a user’s data and communicate with each other without having to share the actual credentials. GitHub said it has since revoked the access tokens associated with the affected apps. The Microsoft-owned platform noted it found early evidence of the attack campaign on April 12 when it encountered unauthorized access to its NPM production environment.
More information: https://github.blog/2022-04-15-security-alert-stolen-oauth-user-tokens/
Haskers Gang Criminal Hacker Group Distributes ZingoStealer Malware for Free
A crimeware-related threat actor known as Haskers Gang has released an information-stealing malware called ZingoStealer for free on Thursday. The criminal group announced on Thursday that the ownership of the tool is changing hands to a new threat actor, in addition to offering to sell the source code for a negotiable price of $500. The malware is said to be undergoing consistent development and deployed specifically against Russian-speaking victims by packaging it as game cheats and pirated software. ZingoStealer is fashioned as a .NET binary that’s capable of collecting system metadata and information stored by web browsers.
More information: https://blog.talosintelligence.com/2022/04/haskers-gang-zingostealer.html
The State of Cyberwarfare in 2022
Cyberwarfare is making its presence felt in cyberspace with the ongoing conflict in Eurasia. Ransomware and other malware attacks backed by state actors are becoming prominent. State threat actors are not only using ransomware, viruses, spyware, and other malicious software to attack other governments. Malware weaponization is particularly alarming considering the geopolitical conflict the world is facing right now. The number of significant cyber incidents in January 2022 is 100% higher compared to the same period in the previous year.
More information: https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents
Cyber Risk Management Doesn’t Have To Be Difficult …
How Blacksite ZTNA Can Help Protect Your Business Against Cyber Threats
The first step in protecting your company against cyber threats is to make sure you have a solid cybersecurity plan. A cybersecurity plan helps you make sure that your company has the proper safeguards in place to protect your business. Expert security company Blacksite can help you with all your cybersecurity needs. At Blacksite we can help your company develop a cybersecurity plan that is tailored to your business needs. Blacksite implements the latest ZTNA technology to keep your business apps, data, and services safe from prying eyes and potential cybersecurity threats that you might experience in the future. Blacksite specializes in providing cybersecurity solutions in data protection, risk management, encryption, cyber security strategy, and cyber security education at an affordable price to accommodate your business whether it’s a small family owned to that of the size of a fortune 500.
More information: https://blacksite.solutions/products
Please contact us and we’ll be glad to assist you.
Become invisible, become secure.