Cybersecurity Highlights: August 2022

    August 2022 has been an eventful month as the concept of cybersecurity took new turns in the digital world. Keeping oneself updated about cybersecurity threats via cybersecurity news is integral for enterprises to take the required security measures to protect their data and ensure privacy over sensitive information.

    Everyone who runs a business should have at least the required knowledge about cyber security protocols so that they do not cause any harm to others’ right to privacy and can be prepared well against cyber attacks. Here are some of BugBounter’s recap of August 2022 highlights of cyber security.

    cybersecurity 2022 august highlights

    Iranian Hackers Utilize Unpatched log4j 2 Bugs to Target Israeli Organizations

    In a recent cyber attack, Iran-based hackers exploit unpatched systems running log4j to target Israeli entities, indicating severe vulnerabilities. The hackers used SysAid server instances to enter the logging framework Log4J shell. VMware applications have been leveraged to breach target environments. The leading tech-giant Microsoft observed that by gaining access to the logging framework, personalized and popular hacking tools were used to move laterally within the network of target organizations by making cyber attacks on the hands-on-keyboard attacks without credentials. The internal intelligence team of Microsoft also observed that the attacks were staged between July 23 and 25, 2022.

    Estonian Government Push Back Against Cyber Attacks Allegedly Claimed by Russian Hackers

    The Estonian government has repelled a wave of cyberattacks that came with the DDoS attacks following Russia’s invasion of Ukraine. This move came after the government had opted to remove soviet monuments in a plane inhabited by the Russian majority. A Russian cybercrime group Killnet has reportedly claimed responsibility for the DDoS attacks against a few websites of public and private sector organizations which were ineffective. Though the cyberattack was extensive, like that of 2007, it went largely unnoticed and caused little to no damage to the Estonian government. Except for some brief disruptions, the services were not disrupted and remained fully available throughout the day.

    Atlassian Ships Urgent Warning To Fix Critical Bitbucket Vulnerability

    One of the critical hack news! Atlassian’s security response team has been notified with an urgent warning about a severe security vulnerability in several API points in its bitbucket server. Though the Atlassian cloud repositories were not affected by the issue, it was a brutal hit on the Australian company’s product software. The Atlassian observed that as the vulnerability score is high, it could be further exploited to roll out code injection attacks remotely. A hacker with an entry or read permission to a public or private bitbucket repository will be able to hack the system by sending a harmful HTTP request. All versions released after 6.10.17 were infected and exploited because of their vulnerability.

    Hackers Attack the LastPass Developer Environment To Get Sensitive Company Information

    Password management service LastPass confirmed one of the cyber security attacks was a threat to the specific source code and technical information. The security breach occurred around the middle of August, targeting the software development environment. Customer data or encrypted passwords were not compromised, Although the company did not reveal anything regarding the cyber security challenges. Lastpass CEO Karim Toubab revealed that an unauthorized party accessed certain sections of the Lastpass developer system through one developer account from which the source code and proprietary technical information were stolen. Amidst identifying the cyber security risks, the company said it had hired leading cybersecurity and forensics firms to take measures against cyber security attacks and mitigate them.

    North Korea Kimsuky Targets Victims With Malware

    Malware reaches suitable targets as a North Korean hacking group named Kimsuky demonstrates its capability of staging cyber attacks. Targeting large companies and high-profile individuals from the Korean peninsula, Kimsuky uses phishing emails to connect with the control and command server before a malicious payload is downloaded by the user. Politicians, university research professors, and journalists in North and South Korea are targeted for retrieving sensitive information from their systems. The system and network are not infected if the victim is not on the targeted list.

    Hackers Develop ‘AI Hologram’ of C-Suite Crypto Exec

    Hackers used Deepfake technology to create fake copies of the Finance official application, the world’s largest cryptocurrency exchange with a massive daily trading volume. The Binance has become a popular target for hackers even with several layers of security protocols they must navigate.

    Attackers gained access to the active directory and confidential data such as user logins and passwords for moving within the application. CCO Patrick Hillmann revealed that he received online messages from several users and traders who thanked him for online meets and sharing information on potential opportunities to list users’ assets on the Binance application, which he did not initiate. Attackers had utilized AI technology to impersonate Hillmann using his previous appearances in news interviews and TV shows.

    Hackers Pose Infringement by Deploying Bumblebee Loader On Target Networks

    Cyber attackers associated with Trickbot, Bazarloader, and IcedID malware deploy the Bumblebee loader to break into target networks and for subsequent activities related to cyber threats. The Google threat analysis group discovered the ransomware in March 2022. The Cybereason global security operations center (Gsoc) Team identified the recent ransomware deployment and warned about the Bumblebee loaders. After infecting a system, the Bumblebee operators disrupt the reconnaissance activities by rerouting the executed command outputs to source files to exfiltrate data. The information in the active directory is leveraged to access confidential data such as user logins and passwords to move within the network laterally.

    Cyber Security Measures: BugBounter

    The increasing cyber security concern is one reason every organization should take necessary steps before they face permanent damage with cyber security attacks that can lead to years of effort in building their businesses in vain. BugBounter offers bug bounty services, including bug bounty programs and enhanced data management and privacy. With a team of 2700+ cybersecurity experts, bug bounty thrives on providing its customers with what works best for them. They are available 24/7 to provide customized tests to help you mitigate risks. Contact us to know more about our services at the best prices!