cyberlights – week 26/2024
A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!
Highlights
🔒 Brauchst du wirklich ein VPN? privacy – Share article on privacy with friends via social media. https://www.kuketz-blog.de/brauchst-du-wirklich-ein-vpn/
💔 Europe and Australia will both not break encryption! We’ve interviewed Patrick Breyer – the guy who coined the term Chat Control. privacy – Germany and Australia push back against encryption legislation. https://tuta.com/blog/interview-patrick-breyer-on-chat-control
⚠️ Angriffen gegen österreichische Unternehmen und Organisationen Published warning – DDoS-Angriffe gegen österreichische Unternehmen und Organisationen. https://www.cert.at/de/aktuelles/2024/6/akute-welle-an-ddos-angriffen-gegen-osterreichische-unternehmen-und-organisationen
News For All
🎵 Music industry giants allege mass copyright violation by AI firms security news – Music labels sue AI firms for copyright infringement in training data. https://arstechnica.com/?p=2033128
⛔ Watchlist Internet – Falscher Ryanair-Support auf X warning – Scamming customers by requesting passenger details for further checks, apologizing for inconvenience. https://www.watchlist-internet.at/news/falscher-ryanair-support-auf-x/
🚨 French police shut down chat website reviled as 'den of predators' cybercrime – shut down chat website Coco for serious crimes. https://therecord.media/coco-website-takedown-cybercrime-france
🐝 The inside view of spyware’s 'dirty interference,' from two recent Pegasus victims cybercrime – Activists and journalists targeted by Pegasus spyware face privacy violations and assert their determination. https://therecord.media/pegasus-spyware-victims-sannikov-erlikh
👁️ Tagesschaukommentar zur Chatkontrolle: Empörte Ahnungslosigkeit privacy – Criticism towards public coverage of the chat monitoring proposal. https://www.kuketz-blog.de/tagesschaukommentar-zur-chatkontrolle-empoerte-ahnungslosigkeit/
🔞 Lawsuit Claims Microsoft Tracked Sex Toy Shoppers With 'Recording in Real Time' Software privacy – Microsoft accused of tracking sex toy shoppers without consent. https://www.404media.co/lawsuit-claims-microsoft-tracked-sex-toy-shoppers-with-recording-in-real-time-software/
💰 Predators steal additional $10M from crypto scam victims cybercrime – Crypto scammers pose as lawyers to defraud victims out of $10 million in a year, taking advantage of the vulnerable to extract further payments. https://www.theregister.com/2024/06/25/predators_steal_additional_10m/
🖲️ Organized crime and domestic violence perps buy trackers security research – Australian study reveals top tracker purchasers linked to organized crime and domestic violence, using devices to facilitate acts like murder, kidnapping, and drug theft. https://www.theregister.com/2024/06/26/criminals_use_gps_bluetooth_trackers/
🦠 If you're using Polyfill.io code on your site – like 100,000+ are – remove it immediately malware – Malicious code injected via Polyfill.io https://www.theregister.com/2024/06/25/polyfillio_china_crisis/
🔓 ID Verification Service for TikTok, Uber, X Exposed Driver Licenses data breach – AU10TIX, an ID verification service for TikTok, Uber, and X users, exposed administrative credentials online, risking access to users' sensitive data like driver's licenses. https://www.404media.co/id-verification-service-for-tiktok-uber-x-exposed-driver-licenses-au10tix/
💸 US boosts reward for info on 'Missing Cryptoqueen' Ruja Ignatova to $5 million cybercrime – The US offers $5 million reward for information leading to the arrest of fugitive cryptocurrency fraudster Ruja Ignatova, indicted for alleged role in defrauding victims of over $4 billion in the OneCoin scam and missing since 2017. https://therecord.media/ruja-ignatova-onecoin-cryptoqueen-us-5million-reward
⚖️ Julian Assange pleads guilty, leaves courtroom a free man security news – Julian Assange pleads guilty to one charge, receives a 62-month sentence which he has already served, leaving him free, following a plea deal, long-standing legal battles, and high-profile leaks through WikiLeaks, including the 'Collateral Murder' video. https://www.theregister.com/2024/06/26/assange_pleads_guilty_sentenced_freed/
📚 Supply Chain Attack on WordPress.org Plugins Leads to 5 Maliciously Compromised WordPress Plugins malware https://www.wordfence.com/blog/2024/06/supply-chain-attack-on-wordpress-org-plugins-leads-to-5-maliciously-compromised-wordpress-plugins/
💻 How to manage deleted files on iOS, iPadOS, and macOS cyber defense – To manage and permanently delete files on iOS, iPadOS, and macOS, ensure files are deleted across iCloud sync. Check sync status, sync apps, and activate sync on Apple devices. https://www.theverge.com/24188104/ios-icloud-iphone-mac-delete-files
Some More, For the Curious
⛑️ New cyberthreat research for SMB in 2024 security research – Small Medium Business' face rising cyberthreats requiring multifaceted cybersecurity measures. https://securelist.com/smb-threat-report-2024/113010/
💫 CISA confirms hackers may have accessed data from chemical facilities during January incident security news – CISA confirms potential data access from cyberattack on chemical facilities. https://therecord.media/cisa-confirms-hackers-chemical-facilities
⚔️ Troy Hunt – The State of Data Breaches data breach – Challenges in disclosing breaches and notifying victims; bugbears with breach notifications. https://www.troyhunt.com/the-state-of-data-breaches/
🤪 I am Goot (Loader) security research – Cybereason investigates GootLoader malware, part of GootKit family, utilized by UNC2565 for post-exploitation. GootLoader leverages SEO for infection, targets victims with legal document masquerade, believed to be associated with financial incentives. https://www.cybereason.com/blog/i-am-goot-loader
📊 Taking an Evidence-Based Approach to Vulnerability Prioritization security research – VulnCheck's blog emphasizes the importance of prioritizing vulnerabilities based on exploit evidence, recommending Known Exploited Vulnerabilities (KEV), weaponized vulnerabilities, and Proof of Concept (POC) exploit codes as top priorities, alongside additional considerations such as ransomware usage, botnet exploitation, and threat actors' activities. https://vulncheck.com/blog/vulnerability-prioritization
☃️ Snowflake isn’t an outlier, it’s the canary in the coal mine security news – Recent attacks on Snowflake were a result of stolen credentials originating from infostealers, highlighting an industry-wide shift towards identity-focused threats; extensive use of credentials from phishing, infostealers and insider threats; the importance of protecting data with MFA; emphasis on rapid response to infostealer infections, password resets, and secure credential storage. https://blog.talosintelligence.com/infostealer-landscape-facilitates-breaches/
👹 Global Revival of Hacktivism Requires Increased Vigilance from Defenders security news – Mandiant observes a resurgence in hacktivism involving complex tactics, including intrusion, information operations, and physical world tampering. https://cloud.google.com/blog/topics/threat-intelligence/global-revival-of-hacktivism/
👃 LockBit group falsely claimed the hack of the Federal Reserve ransomware – The LockBit ransomware group falsely claimed to have hacked the US Federal Reserve when in fact the victim was Evolve Bank & Trust. Media outlets reported that the Federal Reserve had previously penalized the bank for deficiencies in risk management, anti-money laundering, and compliance practices. https://securityaffairs.com/164988/cyber-crime/lockbit-has-not-hacked-federal-reserve.html
🪟 TeamViewer responds to security 'irregularity' in IT network security news – TeamViewer detected a security 'irregularity' in its corporate IT environment, prompting an immediate investigation and implementation of remediation measures. The company downplays the incident, asserting that the product environment and customer data remain unaffected. https://www.theregister.com/2024/06/28/teamviewer_network_breach/
🎑 Sustaining Digital Certificate Security – Entrust Certificate Distrust security news – Chrome to distrust some Entrust certificates due to compliance failures. https://security.googleblog.com/2024/06/sustaining-digital-certificate-security.html
🧋 TeamViewer says Russia broke into its corp IT network security news – Russian cyber-spies breached TeamViewer's corporate IT network, contained to non-production systems, no customer data accessed. https://www.theregister.com/2024/06/28/teamviewer_russia/
🏎️ Supply-chain ransomware attack cripples thousands of car dealerships cybercrime – A ransomware attack by the BlackSuit gang targeted CDK Global, a platform widely used by car dealerships, leading to system shutdowns and disruptions in business operations. https://www.exponential-e.com/blog/supply-chain-ransomware-attack-cripples-thousands-of-car-dealerships
🩻 Mitigating Skeleton Key, a new type of generative AI jailbreak technique security research – Skeleton Key, a new type of generative AI jailbreak technique called Explicit: forced instruction-following, bypasses guardrails in AI models, enabling the production of harmful content. Microsoft discovered and mitigated this vulnerability with Prompt Shields. https://www.microsoft.com/en-us/security/blog/2024/06/26/mitigating-skeleton-key-a-new-type-of-generative-ai-jailbreak-technique/
❄️ Russia's Midnight Blizzard stole email of more Microsoft customers security news – Microsoft warns more customers of email theft by Russia-linked Midnight Blizzard hacking campaign. Incident response team reaching out to customer administrators to provide a secure portal to view stolen emails from the cyberespionage group. https://securityaffairs.com/165038/hacking/midnight-blizzard-email-microsoft-customers.html
🔍 Google will address Android’s Find My Device network issues ‘over the coming weeks’ security news – Google addressing issues with Android's Find My Device network. https://www.theverge.com/2024/6/26/24186381/google-find-my-device-tracking-pixel-android
CISA Corner
🔐 CISA Releases Two Industrial Control Systems Advisories security news https://www.cisa.gov/news-events/alerts/2024/06/25/cisa-releases-two-industrial-control-systems-advisories 🔒 CISA Adds Three Known Exploited Vulnerabilities to Catalog security news https://www.cisa.gov/news-events/alerts/2024/06/26/cisa-adds-three-known-exploited-vulnerabilities-catalog
While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.
(by @wrzlbrmpft@infosec.exchange) Obviously, the opinions inside these articles are not my own. No guarantee for correct- or completeness in any way.