cyberlights – week 13/2024

A weekly shortlist of cyber security highlights.

The short summaries are AI generated! If something is wrong, please let me know!

News For All

⚠️ Google's new AI search results promotes sites pushing malware, scams warning

👧 Florida enacts tough social media law barring children under 14 from holding accounts privacy – Florida law bars children under 14 from social media accounts, requires consent for 14-15 year olds, and mandates age verification for explicit sites. Critics argue privacy violations and censorship issues.

🍏 “MFA Fatigue” attack targets iPhone owners with endless password reset prompts cybercrime – Victims overwhelmed by the prompts might unintentionally grant access and let attackers in.

📈 Meta allegedly snooped on Snapchat via traffic decryption privacy – Meta allegedly using Onavo to intercept Snapchat data for commercial gain. Meta's actions included intercepting SSL traffic.

☎️ Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs privacy – Telegram offers free premium subscription to users in exchange for allowing their phone numbers to be used to send OTPs.

🤖 Navigating the Challenges and Opportunities of Synthetic Voices security research – OpenAI shares insights into small-scale preview of Voice Engine, highlighting potential risks.

⚖️ 25 years for Sam Bankman-Fried cybercrime – Sam Bankman-Fried sentenced to 25 years in prison and $11 billion judgment for crimes related to FTX.

⚛️ Sellafield nuclear waste dump faces prosecution over cybersecurity failures security news – Sellafield nuclear waste dump faces legal action over cybersecurity breaches, potential espionage and disruptive attacks.

APT31 put in a corner?

🏬 Justice Department indicts 7 accused in 14-year hack campaign by Chinese gov cybercrime

🌐 UK, New Zealand Accuse China of Cyberattacks on Government Entities cybercrime – Chinese hacktivist groups like APT31 are accused of spying. The countries have taken action by imposing sanctions on Chinese entities.

⛩️ Finland confirms APT31 hackers behind 2021 parliament breach cybercrime

Some More, For the Curious

⛓️💣 xz supply chain corner 💣⛓️

This is THE BIG ONE this week. When Linux distros tell you to stop using their product, something is wrong...

advisories | timeline | need to know | summary in a pic | all you can find in one link

🔒 Shostack + Friends Blog > The NVD Crisis security news – The National Vulnerability Database (NVD) is struggling and is not issuing CVSS information for CVEs, causing concern for patch management. Recommendations include embracing cloud-native practices and automation to streamline patch deployment.

🔍 CPE Enrichment in VulnCheck NVD++ security news – NIST NVD faces delay in CVE analysis, VulnCheck launches NVD++ for community accessibility.

0️⃣ We’re All in this Together – A Year in Review of Zero-Days Exploited In-the-Wild in 2023 security research – Google Threat Analysis Group

🥸 Spyware and zero-day exploits increasingly go hand-in-hand, researchers find security research – Commercial spyware firms exploit 64% of zero-day mobile and browser vulnerabilities, targeting end-user devices for surveillance.

⚙️ ZenHammer: Rowhammer Attacks on AMD Zen security research – bit flips

🎣 Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit security research – Sekoia uncovers Tycoon 2FA phishing kit, monitors infrastructure, and analyzes in-depth changes.

🔒 Double trouble for DNSSEC though the devil is in the details vulnerability – Two DNSSEC vulnerabilities are disclosed, KeyTrap and NSEC3-encloser, with KeyTrap posing a greater threat. Concerns are raised about MITRE's assessment of the severity of the vulnerabilities.

⚙️ Local Privilege Escalating my way to root through Apple macOS filesystems hacking writeup – CVE-2023-42931 in macOS involving filesystem mount options allows users to potentially escalate to root.

🚘 Zero days demonstrated at Pwn2Own 2024 security news – Google and Mozilla addressed zero-days discovered during Pwn2Own Vancouver 2024.

🌑 The Darkside of TheMoon security research – Black Lotus Labs at Lumen Technologies discovered a multi-year campaign targeting end-of-life routers and IoT devices using an updated version of TheMoon malware.

🔐 Cisco warns of password-spraying attacks targeting Secure Firewall devices warning

💰 Rewards for Justice – Reward Offer for Information on ALPHV BlackCat-linked Cyber Actors Targeting U.S. Critical Infrastructure cybercrime – Up to $10 million reward for info on ALPHV BlackCat ransomware targeting U.S. infrastructure

⚠️ CISA Corner

SharePoint, Ivanti, Fortinet – Update your s***!

Safari & macOS

Cisco IOS and Access Points

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

Obviously, the opinions inside these articles are not my own. No guarantee of correctness or completeness in any way.