Threat and Vulnerability Roundup August 20th to 26th: Cisco NX-OS Software Flaw, Apache XML Graphics Batik Flaw, Ivanti Sentry Flaw, Apache Ivy Injection Flaw, Junos OS Flaw, Chrome Feature to Alert Malicious Extensions, WinRAR Flaw, Wireshark 4.0.8 Release, Kali Linux 2023.3 Release, Smart Bulbs can be Hacked, Federated Learning Based IDS, Tesla Data Breach, SEIKO Data Breach, Cloud Host Lost All Data, Hackers Exploiting Barracuda Zero-Day Flaw, NoFilter Tool: Windows Privilege Escalation, Hackers Threaten Patients Following Cyberattack, Carderbee Hacking Group, Malware Developer Uncovered, Over 3,000+ Android Malware Evading Detection, Lazarus Group Exploiting ManageEngine Flaw, Raccoon Malware Resurfaces, Flax Typhoon Exploiting OS Tools, Weaponized LNK Files, Roblox Developers Targeted, XLoader malware Attacking macOS, Weaponizing QR Codes to Steal Microsoft Credentials, Phishing Attack Target Zimbra Email Users.
#cybersecurity #vulnerabilities #threats #databreaches #malware #zeroday #privacy #Tesla #CloudSecurity #mobilesecurity #networksecurity #IoT #AI #ML #WindowsSecurity #AndroidSecurity #Ransomware #SupplyChainAttack
New Mexican food labeling laws are being hacked by companies like Coca-Cola and Kraft Heinz. They are designing their products so that warning labels are hidden. Other companies, like Bimbo, are finding ways to keep their mascots without reformulating their foods. #HackingFoodLabeling #FoodIndustry
https://www.schneier.com/blog/archives/2023/08/hacking-food-labeling-laws.html
China's seasonal squid fishing ban in the south-west Atlantic and eastern Pacific was found to be ineffective by the conservation group Oceana. Its analysis of vessel-tracking data showed that Chinese fleets had not been fishing in those areas during the closure months anyway, so a ban covering times and places where no fishing happens protects no squid. #China #squidfishing #ineffectiveban
Israeli startup Cypago secures $13 million in funding for its GRC automation platform. #Cybersecurity #Funding #Automation #GRC
https://www.securityweek.com/cypago-raises-13-million-for-grc-automation-platform/
Summary: North Korea's Lazarus Group exploited a ManageEngine ServiceDesk Plus flaw (CVE-2022-47966) to compromise an internet backbone infrastructure provider in Europe. The intrusion came only days after proof-of-concept exploit code for the vulnerability was published. The attackers used the exploit to deploy QuiteRAT, a new Qt-based remote access trojan that collects system information and executes attacker-supplied commands. Lazarus has also been observed targeting healthcare entities in Europe and the US.
Hashtags: #Cyberwarfare #APT #LazarusGroup #ManageEngine #QuiteRAT #NorthKorea
Summary: This week's cybersecurity news roundup includes stories about the crackdown on cybercrime in Africa, an unpatched macOS flaw, and investor disclosures. Interpol and Afripol have arrested suspects and disrupted cyber networks across 25 African countries, with financial losses exceeding $40 million. A Florida man pleaded guilty in a hacking scheme to steal $150,000, and cybersecurity firm SentinelOne is exploring a potential takeover. Facebook is expanding end-to-end encryption in Messenger, and EY's analysis shows an increase in cyber management and oversight disclosures. The US Cybersecurity and Infrastructure Security Agency (CISA) facilitated the remediation of over 1,000 vulnerabilities, and there have been recent vulnerabilities in Nvidia drivers, Jupiter X Core WordPress plugin, WinRAR, and macOS App Management.
Hashtags: #AfricaCybercrimeCrackdown #UnpatchedmacOSFlaw #InvestorDisclosures #Cybersecurity #Interpol #Afripol #HackingScheme #CybersecurityFirm #EndToEndEncryption #CyberManagement #CISA #Vulnerabilities #NvidiaDrivers #JupiterXCore #WinRAR #macOSAppManagement
Summary:
- Modern software development has increased interconnectedness and cyber threats across the industry.
- Collaboration between the public and private sectors is essential for a strong defense against cyber threats.
- Responsible disclosure of vulnerabilities is crucial to prevent exploitation before fixes are available.
- A secure-by-design approach integrates security measures throughout the software development process rather than bolting them on afterwards.
- Building the skills needed in the cybersecurity field requires increased vocational training resources.
- Working together across the industry is necessary to build a resilient defense against cyber attacks.
Hashtags:
#Cybersecurity #Collaboration #ResponsibleDisclosure #SecureByDesign #SkillsDevelopment #IndustryDefense
https://www.infosecurity-magazine.com/opinions/security-design-across-industry/
Flax Typhoon relies on living-off-the-land techniques, abusing built-in Windows tools and legitimate software rather than custom malware. The group has targeted organizations in Taiwan and other regions, using tools such as the China Chopper web shell and Mimikatz. It establishes long-term access by hijacking the Sticky Keys accessibility feature to obtain a SYSTEM-level shell over RDP and by installing SoftEther VPN for persistent remote connections. Recommendations include keeping internet-facing servers patched and enforcing MFA policies. #FlaxTyphoon #malware #operatingsystem #CyberSecurityNews
https://cybersecuritynews.com/flax-typhoon-abusing-operating-system/
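Two checks a defender would run for the persistence pattern described above, as an added example (not Microsoft's or CyberSecurityNews' detection logic): an Image File Execution Options "Debugger" value set on a Windows accessibility binary such as sethc.exe, which yields a SYSTEM shell from the logon screen over RDP, and a process named like a Windows system binary whose PE OriginalFileName says otherwise (the renamed VPN binary pattern). The event records are constructed to mimic Sysmon Event ID 13 (registry value set) and Event ID 1 (process create) fields; the OriginalFileName value "vpnserver.exe" in the sample is illustrative, not a known indicator.

```python
"""Detection of Sticky Keys IFEO hijacks and system-binary masquerading over
Sysmon-style events. Added example; sample records are constructed, not real
telemetry."""
import re

# Accessibility helpers reachable from the logon screen. A Debugger value under
# any of their IFEO keys launches that program as SYSTEM before anyone logs in.
ACCESSIBILITY_BINARIES = {
    "sethc.exe", "utilman.exe", "osk.exe", "narrator.exe",
    "magnify.exe", "displayswitch.exe", "atbroker.exe",
}

IFEO_DEBUGGER = re.compile(
    r"\\Image File Execution Options\\(?P<target>[^\\]+)\\Debugger$",
    re.IGNORECASE,
)

# System binary names reported as reused for the renamed VPN executable.
MASQUERADE_NAMES = {"conhost.exe", "dllhost.exe"}


def _basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def ifeo_findings(events):
    """One finding per Event ID 13 record that sets a Debugger value under the
    IFEO key of an accessibility binary. A Debugger on notepad.exe (developer
    JIT debugging) is deliberately not flagged."""
    findings = []
    for ev in events:
        if ev.get("EventID") != 13:
            continue
        m = IFEO_DEBUGGER.search(ev.get("TargetObject", ""))
        if not m:
            continue
        target = m.group("target").lower()
        if target in ACCESSIBILITY_BINARIES:
            findings.append({
                "host": ev.get("Computer"),
                "hijacked": target,
                "debugger": ev.get("Details", ""),
                "set_by": ev.get("Image", ""),
            })
    return findings


def masquerade_findings(events):
    """One finding per Event ID 1 record whose image name is a watched system
    binary name but whose PE OriginalFileName disagrees. Records with an
    unknown OriginalFileName ('-' or empty) are skipped to avoid noise."""
    findings = []
    for ev in events:
        if ev.get("EventID") != 1:
            continue
        claimed = _basename(ev.get("Image", ""))
        original = ev.get("OriginalFileName", "").strip().lower()
        if claimed in MASQUERADE_NAMES and original not in ("", "-") and original != claimed:
            findings.append({
                "host": ev.get("Computer"),
                "claimed_name": claimed,
                "original_name": original,
                "path": ev.get("Image", ""),
            })
    return findings


IFEO_BASE = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"EventID": 13, "Computer": "WEB01", "Image": r"C:\Windows\System32\reg.exe",
     "TargetObject": IFEO_BASE + r"\sethc.exe\Debugger",
     "Details": r"C:\Windows\System32\taskmgr.exe"},
    {"EventID": 13, "Computer": "DEV07", "Image": r"C:\Program Files\Microsoft Visual Studio\devenv.exe",
     "TargetObject": IFEO_BASE + r"\notepad.exe\Debugger",
     "Details": r"C:\Windows\System32\vsjitdebugger.exe"},
    {"EventID": 13, "Computer": "WEB01", "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\ProgramData\updater.exe"},
    {"EventID": 1, "Computer": "WEB01", "Image": r"C:\Windows\System32\conhost.exe",
     "OriginalFileName": "CONHOST.EXE"},
    {"EventID": 1, "Computer": "WEB01", "Image": r"C:\ProgramData\conhost.exe",
     "OriginalFileName": "vpnserver.exe"},
    {"EventID": 1, "Computer": "WEB01", "Image": r"C:\Windows\System32\dllhost.exe",
     "OriginalFileName": "-"},
]

if __name__ == "__main__":
    for finding in ifeo_findings(SAMPLE_EVENTS) + masquerade_findings(SAMPLE_EVENTS):
        print(finding)
```

Against the constructed sample the IFEO check reports only the sethc.exe hijack on WEB01 and the masquerade check reports only the conhost.exe copy under ProgramData; the real-world equivalent is to feed the same functions with Sysmon or EDR exports and to alert on any hit, since legitimate Debugger values on accessibility binaries essentially never occur.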
Raccoon Malware resurfaces in Dark Web with new stealing capabilities. #cybersecurity #darkweb #RaccoonMalware
Lazarus Group exploiting ManageEngine flaw to deploy QuiteRAT, a slimmed-down successor to its MagicRAT malware. #cyberattack #cybersecurity #vulnerability
https://cybersecuritynews.com/lazarus-exploiting-manageengine/
Summary:
- The FBI has warned that Barracuda Email Security Gateway (ESG) appliances are still being exploited through CVE-2023-2868 by a suspected Chinese state-sponsored group, and that Barracuda's patches for the flaw were ineffective.
- Barracuda customers should isolate and replace all affected ESG appliances immediately rather than rely on patching.
- The FBI urges ESG customers to review email logs for signs of compromise, revoke and rotate all credentials connected to the appliance, monitor the network for further activity, and conduct a forensic analysis.
Hashtags:
- #FBI
- #Barracuda
- #China
- #cybersecurity
- #exploitation
https://www.infosecurity-magazine.com/news/barracuda-appliances-exploited/
FBI warns of $40M crypto cash-out plot by North Korean hackers #FBI #cryptocurrency #cybercrime #NorthKorea #hacker
https://www.infosecurity-magazine.com/news/fbi-flags-dollar40m-crypto-cash/
Wireshark 4.0.8 has been released with new updates and features. It is a renowned, free, and open-source packet analyzer used for network troubleshooting, analysis, and protocol development. The new version includes fixes for vulnerabilities and bugs. Protocol support has also been updated. Download the latest release from the official download page. #Wireshark #Release #NetworkSecurity
Top 3 Malware Threatening Businesses in Q2 2023: RATs and loaders are the primary security concerns, with an increase of 12.8% quarter over quarter. The top three malware families are njRAT, Remcos, and RedLine. Companies must implement additional security measures to reduce the chance of falling prey to an attack. #malwarethreats #cybersecurity #njRAT #Remcos #RedLine
https://cybersecuritynews.com/top-3-malware-threatening-businesses/
Hashtags: #CyberAttacks #Lapsus$ #Hacking #Teenagers #Autism #Ransom #InternalFiles #Cryptocurrency #RockstarGames #GrandTheftAuto6 #Lapsus$Group #SouthAmerica #BigNameCompanies #Vishing #SIMSwapping #CorporateVPNs #APIKeys #InfosecurityMagazine
https://www.infosecurity-magazine.com/news/teens-responsible-lapsus/
Summary:
1. St Helens Council in the UK warns of phishing scams following a ransomware breach.
2. Residents are advised to be cautious of phishing emails impersonating their bank.
3. The council is working to resolve the incident and warns that it is a complex and evolving situation.
4. Local government authorities in the UK and US are popular targets for ransomware attacks.
5. Remediation and restoration costs for breached councils can be significant.
Hashtags: #StHelensCouncil #PhishingScams #RansomwareBreach #Cybersecurity #LocalAuthorities
https://www.infosecurity-magazine.com/news/st-helens-council-warns-of-phishing/
Summary: A recent report reveals that there has been a 178% surge in sextortion scams via email in the past year, making it one of the top email threats. These unsolicited emails claim to have compromising images or videos of the victim taken via their webcam and threaten to share them if a ransom is not paid. Security researchers have traced some of these scams back to a single actor, who demands £1000 in bitcoin. Sextortion can also involve the use of deepfake technology to create explicit content featuring the victim's face, increasing the severity of the fraud. The FBI has issued an alert about this threat, highlighting that it is difficult to remove manipulated content once posted online.
Hashtags: #Sextortion #EmailScams #CyberThreats #Deepfake #FBI
https://www.infosecurity-magazine.com/news/sextortion-scams-surge-178-in-a/
Kali Linux 2023.3 is a free and open-source operating system for ethical hacking and penetration testing. The new version brings major infrastructure changes, updates to Kali Autopilot, and the addition of 9 new tools. There are also updates to the Kali NetHunter app and support for additional devices, along with miscellaneous fixes and packaging updates. The new tools added in Kali Linux 2023.3 include Calico, Hubble, ImHex, and Villain. Existing users can upgrade to the latest version by following the provided steps, and fresh images can be downloaded from the official website. #KaliLinux #OperatingSystem
1. VPN alternatives offer safe, private, and efficient network and resource access.
2. Reasons to consider alternatives to standard VPNs include performance problems, complexity and management issues, single points of failure, and security concerns.
3. Zero Trust Network Access (ZTNA) and Virtual Private Networks (VPN) serve different purposes and have different approaches to secure access.
4. Some of the best VPN alternative solutions in 2023 include Perimeter 81, Tor (The Onion Router), ProtonVPN, NordLayer, Cloudflare Access, I2P (Invisible Internet Project), Checkpoint Secure SD-WAN, Zerotier, Zscaler Private Access, and Private Internet Access (PIA).
5. Perimeter 81 offers a secure network as a service with a software-defined perimeter architecture.
6. Tor (The Onion Router) is an open-source anonymity network, most commonly used through the Tor Browser, for anonymous web access.
7. ProtonVPN provides secure connections, multi-hop, and Tor network access.
8. NordLayer VPN allows quick and secure internet and private network connections.
9. Cloudflare Access is a Zero Trust security strategy alternative to VPNs.
10. I2P is an overlay network for anonymous and private online communication.
11. Checkpoint Secure SD-WAN combines SD-WAN technology with advanced security measures.
12. Zerotier enables safe communication between computers and networks over the internet.
13. Zscaler Private Access offers cloud-based secure access using zero trust architecture.
14. Private Internet Access (PIA) is a commercial VPN service for private and secure internet connections.
#VPNSolutions #VPNAlternatives #Cybersecurity #Networking #ZeroTrust #SecureAccess #InternetPrivacy #CloudSecurity #DataProtection
Summary:
Researchers have discovered cryptographic weaknesses in a popular smart light bulb, the TP-Link Tapo L530E, and its companion app. The flaws let a nearby attacker capture the Wi-Fi password and TP-Link account credentials during the bulb's setup process. They include the absence of authentication of the bulb to the app, so an attacker can impersonate the bulb during pairing, and the use of a static, reused initialization vector in the symmetric encryption, so repeated messages produce identical ciphertext. Tapo light bulb users are advised to apply firmware patches as they become available, and developers should review their network security and cryptographic practices.
Hashtags:
#SmartLightBulb #Cybersecurity #CryptographicInsecurities #InternetOfThings #NetworkSecurity
https://nakedsecurity.sophos.com/2023/08/22/smart-light-bulbs-could-give-away-your-password-secrets/
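What a static or reused initialization vector gives away, as an added example (not TP-Link's firmware, the Tapo app, or the researchers' tooling). The block cipher here is a 16-byte Feistel toy built on HMAC-SHA256 so the script runs offline with the standard library; the CBC chaining and the leak it exposes behave the same with AES. The two command strings are constructed stand-ins for an "on" and an "off" message and are not the Tapo protocol's actual format.

```python
"""CBC with a static IV leaks equality of plaintext prefixes and makes replayed
commands recognisable. Added example with a toy block cipher standing in for AES."""
import hashlib
import hmac
import os

BLOCK = 16


def _f(key, half, rnd):
    # Feistel round function: keyed PRF of an 8-byte half, truncated to 8 bytes.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def toy_encrypt_block(key, block):
    l, r = block[:8], block[8:]
    for rnd in range(8):
        l, r = r, _xor(l, _f(key, r, rnd))
    return l + r


def toy_decrypt_block(key, block):
    l, r = block[:8], block[8:]
    for rnd in reversed(range(8)):
        l, r = _xor(r, _f(key, l, rnd)), l
    return l + r


def pad(data):
    n = BLOCK - len(data) % BLOCK          # PKCS#7, always adds 1..16 bytes
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key, iv, plaintext):
    """C[i] = E(P[i] XOR C[i-1]) with C[-1] = IV. Same key+IV+prefix gives same
    ciphertext prefix; that is the whole problem with a static IV."""
    padded = pad(plaintext)
    out, prev = [], iv
    for i in range(0, len(padded), BLOCK):
        prev = toy_encrypt_block(key, _xor(padded[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ciphertext):
    out, prev = [], iv
    for i in range(0, len(ciphertext), BLOCK):
        c = ciphertext[i:i + BLOCK]
        out.append(_xor(toy_decrypt_block(key, c), prev))
        prev = c
    return unpad(b"".join(out))


def shared_leading_blocks(ct_a, ct_b):
    """How many leading ciphertext blocks two messages have in common, which is
    what a passive sniffer on the Wi-Fi can see without the key."""
    n = 0
    for i in range(0, min(len(ct_a), len(ct_b)), BLOCK):
        if ct_a[i:i + BLOCK] != ct_b[i:i + BLOCK]:
            break
        n += 1
    return n


# Constructed stand-in commands; they share their first 50 bytes.
CMD_ON = b'{"method":"set_device_info","params":{"device_on":true}}'
CMD_OFF = b'{"method":"set_device_info","params":{"device_on":false}}'


def static_iv_leak(key, iv=bytes(BLOCK)):
    """Static IV (here all zeros, as a fixed IV baked into firmware would be):
    the sniffer learns the two commands agree on their first three blocks."""
    return shared_leading_blocks(cbc_encrypt(key, iv, CMD_ON),
                                 cbc_encrypt(key, iv, CMD_OFF))


def random_iv_leak(key):
    """Fresh random IV per message (sent in the clear alongside the ciphertext):
    no ciphertext block repeats, so nothing about the plaintext is visible."""
    return shared_leading_blocks(cbc_encrypt(key, os.urandom(BLOCK), CMD_ON),
                                 cbc_encrypt(key, os.urandom(BLOCK), CMD_OFF))


if __name__ == "__main__":
    k = os.urandom(16)
    print("static IV, shared blocks:", static_iv_leak(k))
    print("random IV, shared blocks:", random_iv_leak(k))
```

With the static IV the eavesdropper sees three identical leading blocks and can tell an "on" from an "off" by the fourth block alone, and an identical ciphertext tells them a command was repeated or replayed; with a fresh IV the two ciphertexts share nothing. The same deterministic behaviour is what lets an attacker who has captured one setup exchange recognise, and replay, later ones.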