News Roundup — July 19th 2023 edition
Welcome to this week’s news roundup. We bring to light some pressing developments ranging from critical vulnerabilities needing immediate attention, such as those found in SonicWall and Microsoft’s Azure AD, to the concerning rise of ransomware payments on track to reach record-breaking highs in 2023. Corporate targets of cyberattacks continue to surface, with the recent breaches at Laurentian University and beauty giant Estée Lauder. Further, Shutterfly reassures that a recent Clop ransomware attack didn’t impact customer data, while JumpCloud discloses an intrusion by a state-backed APT hacking group. The threat landscape is rife with exploitation of software weaknesses, such as the critical ColdFusion RCE bug, Adobe warns is currently under attack, and the Docker Hub leak that exposes auth secrets and private keys. Worrying news on the operational side includes another Microsoft Exchange Online outage blocking emails and the Virustotal data leak affecting thousands of users. Moreover, the MOVEit hack continues to unravel with over 340 organizations now impacted. Meanwhile, in a bizarre turn, an IT worker finds himself behind bars for posing as a ransomware gang to extort his employer. On the global stage, Russia mulls over banning iPhones for government officials, North Korean hackers reportedly target a US IT company in a bid to steal crypto, and Google considers drastic security measures by restricting internet access for some employees. As we examine these evolving cyber threats and countermeasures, we continue to highlight the importance of staying vigilant and proactive in the realm of cybersecurity.
