Three vulnerabilities found in over 100 Lenovo laptop models were recently discovered and quickly patched by the computer company. In other cybersecurity news, criminals drained over $80 million in cryptocurrency after exploiting the flash-loan protocols of the decentralized financial system Beanstalk.
Attackers exploited the flash-loan protocols of the Beanstalk decentralized financial system and forced a malicious proposal that drained over $80 million in cryptocurrency. The exploit resulted in a net loss of $182 million as the attackers used a majority voting stance to instantaneously authorize a transaction without any collateral. Their majority stance was based on their valued quantity of stablecoins. Meanwhile, officials are still working to investigate the attack and provide some response to the shareholders and clients looking for reimbursement.
Following a cyber-attack on their core systems, gift card retailer Funky Pigeon has been forced to suspend all orders until they have concluded their investigations into the breach. While they are still working to determine if any customer information was compromised, they have already begun contacting their entire customer base to inform them of the incident.
Researchers discovered three vulnerabilities in the UEFI firmware of at least 100 Lenovo laptop models. The vulnerabilities allow hackers to install malicious firmware that can be extremely difficult to detect or remove. Two of the vulnerabilities are based on partially deactivated firmware drivers that are only used during manufacturing but can be used to compromise the BIOS control bits and disable device protections before booting. The third vulnerability builds on the first two by allowing an attacker to install malicious firmware if the system is booted up into system management mode. This mode has high-level permissions and can make changes at the operating system level without additional authentication.
Officials for GitHub identified multiple private repositories containing GitHub files that were downloaded by an unauthorized user who had gained access by misusing third-party OAuth user tokens. GitHub confirmed none of their systems were compromised, and they have contacted the third-party organizations to revoke all access tokens. They continue to monitor user activity for anything suspicious.
Along with a series of research firms, Microsoft finalized the infrastructure takedown of the ZLoader botnet. Microsoft is currently seeking court approval to seize 65 domains that were being used to spread the botnet's malware to a variety of vulnerable industries. Though Microsoft has confirmed that they have not removed every instance of ZLoader, they are still working with law enforcement and regional ISPs to identify any remaining infections.