cyberlights – week 15/2024

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know!


Highlights

🚫 Help us to take down the parasite website security news – Malicious site impersonates Notepad++ for profit, containing deceptive ads. https://notepad-plus-plus.org/news/help-to-take-down-parasite-site/

⚠️ Beware of free services for adapting and modifying files warning – Beware of free file conversion services that lure users into subscription traps. https://www.watchlist-internet.at/news/vorsicht-vor-kostenlosen-diensten-zur-anpassung-und-veraenderung-von-dateien/

📑 Messenger-Matrix: Major update, two new messengers (Line, Viber) and new categories privacy https://www.kuketz-blog.de/messenger-matrix-grosses-update-zwei-neue-messenger-line-viber-und-neue-kategorien/


News For All

🦇 BatBadBut flaw allowed an attacker to perform command injection on Windows vulnerability – RyotaK discovered the 'BatBadBut' vulnerability affecting multiple programming languages, permitting command injection in Windows. https://securityaffairs.com/161785/security/batbadbut-flaw-programming-languages.html https://kb.cert.org/vuls/id/123335

🤖 Chinese hackers are using AI to inflame social tensions in US, Microsoft says cybercrime – China uses AI to spread disinformation, specifically targeting elections. https://therecord.media/china-ai-influence-operations

📞 How to Protect Yourself (and Your Loved Ones) From AI Scam Calls security news – Avoid falling for AI scam calls impersonating loved ones. https://www.wired.com/story/how-to-protect-yourself-ai-scam-calls-detect/

❤️‍🩹 U.S. Department of Health warns of attacks against IT help desks security news – Sophisticated attacks target healthcare IT help desks using social engineering. https://securityaffairs.com/161566/hacking/healthcare-it-help-desks-attacks.html

💰 Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits security news https://www.securityweek.com/company-offering-30-million-for-android-ios-browser-zero-day-exploits/

🔍 It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise security research – Increasing trends in malware-initiated scanning attacks against networks. https://unit42.paloaltonetworks.com/malware-initiated-scanning-attacks/

🏥 Hospital websites share visitors' data with Google, Meta privacy – Research reveals that 96% of non-federal acute care hospitals' websites transmit user data to third parties without privacy policies, posing risks to visitors and hospitals. Tracking technologies expose data to tech giants like Google, Meta, Adobe, and data brokers. https://www.theregister.com/2024/04/11/hospital_website_data_sharing/

🍏 Apple swaps 'state-sponsored' lingo for 'mercenary spyware' security news – Apple shifts from attributing attacks to broadly categorizing them, highlighting the difficulty in identifying perpetrators of sophisticated digital threats. https://www.theregister.com/2024/04/12/apple_mercenary_spyware/

💸 Change Healthcare faces another ransomware threat—and it looks credible cybercrime – Change Healthcare faces a complex ransomware situation, with ransomware groups AlphV and RansomHub involved. https://arstechnica.com/security/2024/04/change-healthcare-faces-another-ransomware-threat-and-it-looks-credible/

⚠️ Crooks manipulate GitHub's search results to distribute malware malware – techniques like automatic updates and fake stars to boost visibility. https://securityaffairs.com/161792/cyber-crime/githubs-search-results-distribute-malware.htmlf


Some More, For the Curious

🦫 Why CISA is Warning CISOs About a Breach at Sisense security news https://krebsonsecurity.com/2024/04/why-cisa-is-warning-cisos-about-a-breach-at-sisense/

🫦 Vulnerabilities Identified in LG WebOS vulnerability – Bitdefender discovers vulnerabilities in LG WebOS exposing devices to remote attacks. https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/

⚔️ Confidential VMs Hacked via New Ahoi Attacks security research – New Ahoi attacks target confidential VMs using malicious interrupts. https://www.securityweek.com/confidential-vms-hacked-via-new-ahoi-attacks/

🛡️ Microsoft fixes two Windows zero-days exploited in malware attacks vulnerability – Microsoft patches actively exploited zero-days in April 2024 Patch Tuesday. https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-two-windows-zero-days-exploited-in-malware-attacks/

🔍 Zero Day Initiative — The April 2024 Security Updates Review security news – Zero Day Initiative review of April 2024 security updates by Adobe and Microsoft. https://www.zerodayinitiative.com/blog/2024/4/9/the-april-2024-security-updates-review

💳 VISA PUBLIC Biannual Threats Report – A Payment Ecosystem Report by Visa Payment Fraud Disruption security news – Visa report highlights evolving, advanced fraud tactics and ransomware threats. https://usa.visa.com/content/dam/VCOM/regional/na/us/run-your-business/documents/pfd-biannual-threats-report-december-2023.pdf

🔑 Microsoft left internal passwords exposed in latest security blunder security news – Microsoft exposed internal passwords on a server open to the internet. https://www.theverge.com/2024/4/10/24126057/microsoft-azure-server-internal-passwords-exposed-cybersecurity

🛡️ Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker security research – Attackers embed credit card skimmer in fake Facebook Pixel script to steal sensitive information from checkout pages. https://blog.sucuri.net/2024/04/credit-card-skimmer-hidden-in-fake-facebook-pixel-tracker.html

🛡️ CISA emergency directive tells agencies to fix credentials after Microsoft breach security news – CISA issues emergency directive for federal agencies to reset passwords by April 30 and identify affected email correspondence due to security risks. https://cyberscoop.com/cisa-emergency-directive-tells-agencies-to-fix-credentials-after-microsoft-breach/

🔪 Awkward Adolescence: Increased Risks Among Immature Ransomware Operators security research – Contrasting mature ransomware groups with less sophisticated, riskier ones. https://www.guidepointsecurity.com/blog/awkward-adolescence-increased-risks-among-immature-ransomware-operators/

CISA Corner

KEV – Palo Alto – CVSS 10 https://www.cisa.gov/news-events/alerts/2024/04/12/palo-alto-networks-releases-guidance-vulnerability-pan-os-cve-2024-3400

KEV – D-Link NAS https://www.cisa.gov/news-events/alerts/2024/04/11/cisa-adds-two-known-exploited-vulnerabilities-catalog

Siemens https://www.cisa.gov/news-events/alerts/2024/04/11/cisa-releases-nine-industrial-control-systems-advisories

Citrix Xen https://www.cisa.gov/news-events/alerts/2024/04/12/citrix-releases-security-updates-xenserver-and-citrix-hypervisor

Juniper https://www.cisa.gov/news-events/alerts/2024/04/12/juniper-releases-security-bulletin-multiple-juniper-products

Microsofts BULK! https://www.cisa.gov/news-events/alerts/2024/04/09/microsoft-releases-april-2024-security-updates

Adobe – more or less ALL https://www.cisa.gov/news-events/alerts/2024/04/09/adobe-releases-security-updates-multiple-products-0

Fortinet https://www.cisa.gov/news-events/alerts/2024/04/09/fortinet-releases-security-updates-multiple-products


While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.


(by @wrzlbrmpft@infosec.exchange) Obviously, the opinions inside these articles are not my own. No guarantee for correct- or completeness in any way.
