The main attacks and vulnerabilities found by our experts last week: 5th— 9th September

Check in our weekly report the main attacks and vulnerabilities found by our teams of experts.

Here are the most relevant headlines of the week, take note and keep informed of all the details:

A new breach affects the giant Samsung

The multinational company Samsung acknowledged on September the 2nd that it had been the target of a security breach at the end of July by an unauthorized third party that gained access to information on some Samsung systems in the United States, exposing the personal information of several customers.

This information included name, demographic and contact information, date of birth, and product registration information.

The company has indicated that it has taken security measures to ensure that such incidents do not happen again.

More info here.


0-day vulnerability in Google Chrome

Google released last Friday an emergency patch for the Chrome browser on Windows, Mac and Linux on Friday, fixing a 0-day vulnerability, which is being actively exploited.

Identified as CVE-2022-3075, this security flow relates to insufficient data validation by the Mojo library collection. A malicious actor could bypass the security restrictions when the victim accessed a specially crafted web page. 

Users of Chromium-based browsers, such as Microsoft Edge, Brave, and Opera, would be affected by this vulnerability, so it is recommended to upgrade to Google Chrome version 105.0.5195.102, which addresses the 0-day.

More info here.

The North Face and Vans announce credential stuffing attack

The North Face and Vans retail brands have suffered a data breach according to a statement released by VF Corporation to its customers.

The threat actors used credential stuffing techniques to breach 162,823 customer accounts on thenorthface.com and 32,082 customer accounts on vans.com.

The attack on The North Face began on July 26th, was detected on August 11th, and disrupted on August 19th. The intrusion at Vans was detected on the 20th of August and was active for only one day.

More info here.

HP fixes a serious vulnerability in HP Support Assistant

Among the data that could have been exfiltrated were names, addresses, e-mail addresses, purchase history, and customer telephone numbers, among others. Regarding the credit data, the company said that is stored in third-party payment systems, so it could not have been affected by the attack. Finally, the company has confirmed that all the credentials of the affected accounts have been reset.

HP has issued a security advisory warning users about a recently discovered vulnerability in HP Support Assistant, a software tool that comes pre-installed on all HP computers.

The flaw, identified as CVE-2022-38395 and with CVSS of 8.2, allows attackers to elevate their privileges on vulnerable systems. The advisory mentions that it is a DLL hijacking flaw when users try to launch HP Performance Tune-up from HP Support Assistant.

It is recommended that all HP users update Support Assistant as soon as possible.

More info here.

QNAP patches 0-day used in new Deadbolt ransomware attacks

QNAP has issued a security advisory urging NAS users to upgrade to the latest version of Photo Station. The advisory follows the detection of an ongoing DeadBolt ransomware attack that began on Saturday that exploits a 0-day vulnerability in Photo Station.

QNAP, which has already released security updates for Photo Station, urges its customers to update the software to the latest available version and suggests that users replace Photo Station with QuMagie, a safer photo storage management tool for QNAP NAS devices.

The company strongly recommends not connecting QNAP NAS directly to the Internet and making use of the myQNAPcloud Link feature, using strong passwords for user accounts, and taking regular backups to prevent data loss.

More info here.

Stay informed of the latest cyber security news, vulnerabilities, and attacks from our experts:

vulnerabilities
https://us.telefonicatech.com/products/digital-risk-protection/

Related news

Stay up to date. Get the latest news and trends
Sign Up
cross