Twilio today disclosed that its TaskRouter JS SDK was compromised by attackers after they gained access to one of its misconfigured Amazon AWS S3 buckets which left the SDK’s path publicly readable and writable for roughly five years, since 2015.

Twilio is a cloud communications platform as a service (CPaaS) company that powers communications for over 40,000 businesses and helps developers add voice, video, messaging, and authentication capabilities to their apps using Twilio’s web service APIs.

The company’s customer list includes Twitter, Netflix, Uber, Shopify, Morgan Stanley, Airbnb, Wix, Spotify, Yelp, Hulu, Intuit, ING, eBay, and countless others.

According to

Microsoft released the KB4559004 non-security preview cumulative update with a fixes for File Explorer and an issue that caused Windows 10 computers with wireless wide area network (WWAN) LTE modems to lose Internet connectivity after installing the May KB4556799 update.

The Windows 10 1903/1909 KB4556799 cumulative update was released on May 12th and it led to some Windows 10 devices using WWAN LTE modems not being able to connect to the Internet although the Network Connectivity Status Indicator (NCSI) showed an “Internet access” status.

Microsoft acknowledged this issue on May 22 saying that it affected both client (Windows 10, version

Lorien Health Services in Maryland announced that it was the victim of a ransomware incident in early June. Data was stolen and then encrypted during the incident.

Responsible for the attack are Netwalker ransomware operators, who leaked the information after Lorien refused to pay the ransom demand.

Social Security numbers accessed

A family-owned nursing home for the elders, Lorien Health Services runs nine locations in  Baltimore, Carroll, Harford, and Howard counties, as well as a rehabilitation and fitness facility.

The company says that the incident was detected on June 6 and contracted services of cybersecurity experts to start an investigation

The critical remote code execution security vulnerability in Windows DNS known as SIGRed has received a micropatch for servers without an Extended Security Updates (ESU) license.

SIGRed can be exploited in a wormable fashion, allowing an adversary to expand their attack to all affected systems on the network without user interaction. It received the tracking number CVE-2020-1350 and the maximum severity score, 10 out of 10.

Discovered and reported responsibly to Microsoft by Sagi Tzadik and Eyal Itkin from Check Point Research, SIGRed stems from a flaw in how Microsoft implemented the DNS server role and affects all Windows

Cloudflare is having an outage that is affecting many sites including Discord, BleepingComputer, and others. It is not known what is causing the outage, but users will not be able to connect to the sites depending on the region you are located.

At this time, there has been no public statement from Cloudflare regarding the outage and the only way I knew about it was that I couldn’t access BleepingComputer.com.

Other affected sites include Riot, Gitlab, Patreon, Auth, and ironically Downdetector.

With Twitter hackers, 10/10 vulnerabilities, and Cloudflare outages this week, thankfully ransomware has been pretty slow this week.

The biggest news is Orange confirming they were hit with a Nefilim ransomware attack and business customer’s data being stolen. We also saw an interesting ransomware that utilizes the Age encryption tool.

Other than that, it has mostly been smaller attackers and new ransomware variants released.

Contributors and those who provided new ransomware information and stories this week include: @demonslay335, @VK_Intel, @struppigel, @malwrhunterteam, @fwosar, @BleepinComputer, @LawrenceAbrams, @Seifreed, @serghei, @DanielGallagher, @PolarToffee,