September 28, 2023

Layer 7 Weekly Round Up: 1/13 Edition

THE BIG STORY

1. FBI Seizes WeLeakInfo Website

After a coordinated international law enforcement effort, the FBI seized the domain of WeLeakInfo.com, an online service that sold access to stolen data. Using the site, hackers could purchase a subscription for $2 per day and access billions of user credentials. The FBI worked with law enforcement in the Netherlands, Germany, and the UK to take down the website. So far, authorities have arrested two suspects in connection with the site.

 

WE’RE KEEPING AN EYE ON

2. Hackers Are Using This Phishing Technique to Trick Unsuspecting Victims

Phishing just got more sophisticated. According to researchers at Barracuda Networks, hackers are using a technique known as conversation-hijacking to infiltrate real business email threads. Even worse, the technique is quickly becoming a favorite among malicious actors: an analysis of 500,000 emails showed that conversation-hijacking rose by over 400% between July and November last year.

 

WORTH NOTING

3. Dangerous Vulnerability Affecting Windows 10 Computers

The National Security Agency (NSA) has uncovered a critical vulnerability in the Windows cryptographic functionality that could enable an attacker to carry out a remote code execution attack. The vulnerability affects Windows 10 as well as Windows Server 2016 and 2019. It is located in a core Windows component known as crypt32.dll, which enables software developers to access digital certificates and other cryptographic functions. The NSA recommended that everyone install Microsoft’s Patch Tuesday patches as soon as possible.

 

4. Firefox Vulnerability Being Exploited in the Wild

Anybody can log into WordPress as an administrator if the site is using vulnerable versions of the InfiniteWP Client and WP Time Capsule plugins, warned researchers from WebARX. After WebARX reported the problem, the developer of the plugins released patches for the logical issues in the code that caused the vulnerability. The researchers said that it is hard to block the vulnerabilities with general firewall rules because malware would appear to be the same as a legitimate-looking payload. According to the WordPress plugin library, the InfiniteWP plugin is installed on more than 300,000 websites and the WP Time Capsule plugin is active on more than 20,000 websites.

 

INTERESTING READ

5. Buttigieg’s Cybersecurity Adviser Resigns Just Before Iowa Caucuses

Peter Buttigieg’s cybersecurity head, Mike Baccio, has resigned from the presidential campaign just weeks before the Iowa caucus. He cited “fundamental philosophical differences with the campaign management regarding the architecture and scope of the information security program” for the decision. Baccio, a former Obama administration cyber official, joined the campaign in July 2019. Chris Meagher, national press secretary for the Buttigieg campaign, said that the campaign had hired a new security firm, but did not disclose the name of the firm. — Stamford Advocate