cyberlights – week 11/2024
A weekly shortlist of cyber security highlights. While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.
Highlights
🚸 Hackers are targeting a surprising group of people: young public school students. Don't be afraid, but please be aware https://www.npr.org/2024/03/12/1237497833/students-schools-cybersecurity-hackers-credit
🔑 Open Source Password Managers: Overview, Pros & Cons Use a password manager! Please!!! https://www.techrepublic.com/article/open-source-password-manager/
For All
💁‍♀️ Microsoft says Windows 10 21H2 support is ending in June https://www.bleepingcomputer.com/news/microsoft/microsoft-says-windows-10-21h2-support-is-ending-in-june/
✂ CISA forced to take two systems offline last month after Ivanti compromise https://therecord.media/cisa-takes-two-systems-offline-following-ivanti-compromise
🎭 CEO of Data Privacy Company Onerep.com Founded Dozens of People-Search Firms https://krebsonsecurity.com/2024/03/ceo-of-data-privacy-company-onerep-com-founded-dozens-of-people-search-firms/
🎦 Airbnb is banning indoor security cameras https://www.theverge.com/2024/3/11/24097107/airbnb-indoor-security-camera-ban
📷 Wi-Fi jamming to knock out cameras suspected in nine Minnesota burglaries https://www.tomshardware.com/networking/wi-fi-jamming-to-knock-out-cameras-suspected-in-nine-minnesota-burglaries-smart-security-systems-vulnerable-as-tech-becomes-cheaper-and-easier-to-acquire
↔️ How to share sensitive files securely online https://www.welivesecurity.com/en/how-to/share-sensitive-files-securely-online/
🎨 ASCII art elicits harmful responses from 5 major AI chatbots https://arstechnica.com/security/2024/03/researchers-use-ascii-art-to-elicit-harmful-responses-from-5-major-ai-chatbots/
👃 Hackers can read private AI-assistant chats even though they’re encrypted. TL;DR: sniffing traffic can be enough https://arstechnica.com/security/2024/03/hackers-can-read-private-ai-assistant-chats-even-though-theyre-encrypted/
👨‍🦯 British authorities have never detected a breach of ransomware sanctions — but is that good or bad news? https://therecord.media/uk-authorities-have-never-detected-ransomware-payment-sanction-violation
Incognito Corner
My big one this week. Bad guys acting like bad guys. What a surprise!
💣 Incognito Market: The not-so-secure dark web drug marketplace https://grahamcluley.com/incognito-market-the-not-so-secure-dark-web-drug-marketplace/
♟ Incognito Darknet Market Mass-Extorts Buyers, Sellers https://krebsonsecurity.com/2024/03/incognito-darknet-market-mass-extorts-buyers-sellers/
💰 Millions in BTC, XMR possibly stolen after reports of darknet market ‘exit scam’ https://cointelegraph.com/news/bitcoin-monero-reportedly-stolen-darknet-market-exit-scam
For the Curious
⏱ Risky Biz News: NIST NVD stopped enriching CVEs a month ago Recommending the main story of this weekly news summary https://news.risky.biz/risky-biz-news-nist-nvd-stopped-enriching-cves-last-month/
👩‍✈️ Microsoft’s Security Copilot Enters General Availability. Scaaary! 😱 https://www.techrepublic.com/article/microsoft-security-copilot-experience-center/
🧆 Misconfiguration Manager – knowledge base for Microsoft Configuration Manager tradecraft and hardening guidance https://github.com/subat0mik/Misconfiguration-Manager
🧹 Using ChatGPT to Deobfuscate Malicious Scripts, (Wed, Mar 13th) https://isc.sans.edu/diary/rss/30740
🎡 What a Cluster: Local Volumes Vulnerability in Kubernetes CVE-2023-5528 writeup https://www.akamai.com/blog/security-research/kubernetes-local-volumes-command-injection-vulnerability-rce-system-privileges
🦜 PixPirate: The Brazilian financial malware you can’t see https://securityintelligence.com/posts/pixpirate-brazilian-financial-malware/
🧞 Security Flaws within ChatGPT Ecosystem Allowed Access to Accounts On Third-Party Websites and Sensitive Data https://salt.security/blog/security-flaws-within-chatgpt-extensions-allowed-access-to-accounts-on-third-party-websites-and-sensitive-data
👨‍⚖️ On the new Dutch Intelligence and Security Law https://berthub.eu/articles/posts/dutch-intelligence-and-security-law/
👻 GhostRace – Exploiting and Mitigating Speculative Race Conditions https://www.vusec.net/projects/ghostrace/
💹 RisePro stealer targets Github users in “gitgub” campaign https://www.gdatasoftware.com/blog/2024/03/37885-risepro-stealer-campaign-github
🤪 Real-time, privacy-preserving URL protection https://security.googleblog.com/2024/03/blog-post.html
🧦 The LockBit story: Why the ransomware affiliate model can turn takedowns into disruptions https://blog.talosintelligence.com/ransomware-affiliate-model/
🧵 The 2024 Sophos Threat Report: Cybercrime on Main Street https://news.sophos.com/en-us/2024/03/12/2024-sophos-threat-report
💼 Beware of the Messengers, Exploiting ActiveMQ Vulnerability. Good read if you want to know a little more about “ActiveMQ” https://www.cybereason.com/blog/beware-of-the-messengers-exploiting-activemq-vulnerability
⚙ AUTOATTACKER: A Large Language Model Guided System to Implement Automatic Cyber-attacks https://arxiv.org/pdf/2403.01038.pdf
(by @wrzlbrmpft@infosec.exchange) Obviously, the opinions inside these articles are not my own. No guarantee for correctness or completeness in any way.