.png){kind=logo}
Threat Intelligence Cybersecurity Hacking News January 01, 2023
Welcome to 2023! wishes you a sparkling New Year :)
A doppelganger of a PyTorch dependency was discovered in the wild, which could have resulted in system compromise by actors using the dependency confusion attack vector. Meanwhile, a Linux malware variant poses a risk to users by exploiting vulnerabilities in over two dozen WordPress plugins and themes. It is recommended that website users keep their web app components up to date.
The CISA then listed a couple of actively exploited bugs in TIBCO JasperReports products. The first is a server component information disclosure bug, and the second is a directory traversal flaw in its library.
Top Threat Intelligence Cybersecurity Breaches Reported in the Last 24 Hours
Bristol Community College's computer systems hacked in ransomware attack
Bristol Community College was the victim of a ransomware attack, which disrupted its internet-related communication systems, including email and Teams, and rendered shared documents inaccessible to students and employees. Students and faculty were asked to think about changing their credentials.
Medical information was leaked
Since 2016, Jama Network has discovered the medical information of approximately 42 million Americans being sold on underground marketplaces. The study looked at trends in ransomware attacks on healthcare institutions in the United States between 2016 and 2021. According to experts, the number of attacks during that time period has also more than doubled.
Top Threat Intelligence Cybersecurity Malware Reported in the Last 24 Hours
Malicious dependency chain compromise over holidays
The PyTorch team discovered a malicious dependency in its framework library. The package was named after the torchtriton dependency. A hacker could use it to successfully launch dependency confusion attacks, compromising multiple systems. The fake framework should be uninstalled, according to PyTorch administrators.
Linux malware
Doctor Web, a security vendor, discovered an unprecedented strain of Linux malware. It takes advantage of flaws in over a dozen WordPress plugins and themes. The malware injects JavaScript code, which is called from a remote server and redirects visitors to an arbitrary website chosen by the threat actor.
BlackCat’s new tactic
The ALPHV/BlackCat ransomware group tried out a new extortion method. It set up a duplicate site for one of its victims and published the stolen data there. The victim firm, which is in the financial services industry, appears to have refused to comply with the threat actor's demands.
Top Threat Intelligence Cybersecurity Vulnerabilities Reported in the Last 24 Hours
CISA Warns of Active exploitation of JasperReports Vulnerabilities
The CISA catalogue of most exploited vulnerabilities now includes two-year-old security flaws affecting TIBCO Software's JasperReports products. CVE-2018-5430 and CVE-2018-18809 are flaws related to information disclosure and directory traversal, respectively.