News for September 7, 2022


Zyxel Firmware Update
by Artie Kaye

Good news regarding a flaw in Zyxel’s network-attached storage devices: the vulnerability has been patched.  The affected devices are:

NAS326
NAS540
NAS542

If you are running, or believe you might be running, any of these affected devices, contact your support team to get them fixed.  The updates can be found on the Zyxel website, linked below.

The flaw is listed as CVE-2022-34747.

https://www.zyxel.com/support/download_landing.shtml

https://thehackernews.com/2022/09/critical-rce-vulnerability-affects.html

https://www.bleepingcomputer.com/news/security/zyxel-releases-new-nas-firmware-to-fix-critical-rce-vulnerability/

https://www.zyxel.com/support/Zyxel-security-advisory-for-format-string-vulnerability-in-NAS.shtml

Malware As A Service
by Artie Kaye

EvilProxy is the name given to a set of software and tools available on the dark web.  It is sold as a subscription program, like Adobe.  It works by using reverse proxy protocols and cookie injection.  The main source of infection is phishing scams.  It can bypass two-factor authentication.  Its ease of use and functionality can allow a bad actor to cause a lot of harm, even with little knowledge.  Its use has been linked to attacks on the Python Package Index and the Twilio breach.  It is a relatively new weapon that is still being refined and used against people online.

https://www.darkreading.com/vulnerabilities-threats/evilproxy-commodifies-reverse-proxy-tactic-phishing-bypassing-2fa

https://thehackernews.com/2022/09/new-evilproxy-phishing-service-allowing.html

https://www.bleepingcomputer.com/news/security/new-evilproxy-service-lets-all-hackers-use-advanced-phishing-tactics/

Shop Selling Personal Information Shut Down
by Artie Kaye

A criminal webfront known as WT1SHOP has been seized by officials and shut down.  It traded in personal information, from account login credentials to passports, and had a library in excess of 5 million records.  Law enforcement in the US and Portugal cooperated in this effort.  They were able to track down the owner of the site by tracing their bitcoin transaction history.

https://www.justice.gov/usao-md/pr/website-selling-stolen-login-credentials-and-other-personally-identifying-information

https://www.bleepingcomputer.com/news/security/us-seizes-wt1shop-market-selling-credit-cards-credentials-and-ids/

https://thehackernews.com/2022/09/authorities-shut-down-wt1shop-site-for.html

https://www.securityweek.com/authorities-seize-online-marketplace-stolen-credentials