cyberlights – week 16/2024
A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, please let me know.
Highlight 🚨 Erneut Phishing-Mails im Namen der ÖGK im Umlauf! https://www.watchlist-internet.at/news/erneut-phishing-mails-im-namen-der-oegk-im-umlauf/
News For All
🐢 PuTTY vulnerability vuln-p521-bias vulnerability https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
🦦 Fake cheat lures gamers into spreading infostealer malware security news https://www.bleepingcomputer.com/news/security/fake-cheat-lures-gamers-into-spreading-infostealer-malware/
🤖 Liberals accuse Conservatives of using AI for amendments to jobs bill as votes loom security news – using AI for unconstructive bill amendments https://www.cbc.ca/news/politics/sustainable-jobs-bill-amendments-1.7171414
💻 UPDATED: Ready or Not Developer Has 4TB Of Data Stolen Including Full Source Code data breach https://insider-gaming.com/ready-or-not-developer-has-4tb-of-data-stolen-including-full-source-code/
🌐 UNDP Investigates Cyber-Security Incident data breach – HR and procurement data stolen https://www.undp.org/speeches/undp-investigates-cyber-security-incident
🔑 Advanced Phishing Kit Adds LastPass Branding for Use in Phishing Campaigns warning – phishing campaign with Voice Phishing (Vishing) https://blog.lastpass.com/posts/2024/04/advanced-phishing-kit-adds-lastpass-branding-for-use-in-phishing-campaigns
🔐 Delinea releases Secret Server patches for critical vuln vulnerability – critical https://www.theregister.com/2024/04/15/delinea_secret_server_patch/
🔒 Roku switches on 2FA for all following latest security snafu *security news – after two incidents led to unauthorized access * https://www.theregister.com/2024/04/15/roku_2fa_for_everyone/
🛂 MGM sues to block FTC investigation of its data security security news – questioning the constitutionality of the agency's requests. https://therecord.media/mgm-sues-ftc-block-investigtion-data-security
🕵️ A Spy Site Is Scraping Discord and Selling Users’ Messages privacy – Spy Pet, an online service, selling access to users' messages, voice channel activity, and more for $5. https://www.404media.co/a-spy-site-is-scraping-discord-and-selling-users-messages/
🧢 House passes bill to limit personal data purchases by law enforcement, intelligence agencies mycat: security news privacy – “Fourth Amendment Is Not For Sale Act” to limit government purchases of personal data without a court order. https://cyberscoop.com/house-passes-4th-amendment-is-not-for-sale-act/
🤌 EU tells Meta it can't paywall privacy privacy – Meta maintains its subscription model complies with EU laws, while privacy groups argue against 'fake choice' practices, citing GDPR violations. https://www.theregister.com/2024/04/18/eu_meta_subscription_privacy/
🏫 Kaspersky Study: Devices Infected With Data-Stealing Malware Increased by 7 Times Since 2020 security research https://www.techrepublic.com/article/data-stealing-malware-study/
👥 Microsoft’s VASA-1 can deepfake a person with one photo and one audio track security news https://arstechnica.com/information-technology/2024/04/microsofts-vasa-1-can-deepfake-a-person-with-one-photo-and-one-audio-track/
Some More, For the Curious
🛡️ “Totally Unexpected” Package Malware Using Modified Notepad++ Plugin malware https://asec.ahnlab.com/en/64106/
⚔️ Leaked LockBit builder in a real-life incident response case security research – Analysis of LockBit builder in ransomware incident response https://securelist.com/lockbit-3-0-based-custom-targeted-ransomware/112375/
👁️ Entra IDs “Banned Password Lists”: password spraying optimizations and defenses security research https://www.synacktiv.com/en/publications/entra-id-banned-password-lists-password-spraying-optimizations-and-defenses
⚙️ Creating Payloads with ScareCrow to Mimic Reputable Sources and Bypass Anti-Virus hacking write-up https://infosecwriteups.com/creating-payloads-with-scarecrow-to-mimic-reputable-sources-and-bypass-anti-virus-01196cac741e
🍵 Shostack + Friends Blog > CSRB Report on Microsoft security news – An in-depth analysis of the CSRB report on Microsoft's intrusion. https://shostack.org/blog/csrb-report-on-microsoft/
⚖️ Warrantless spying powers extended to 2026 with Biden’s signature security news https://therecord.media/fisa-section-702-bill-biden-signature
🚄 Russia is trying to sabotage European railways, Czech minister said security news https://securityaffairs.com/161899/cyber-warfare-2/russia-sabotage-european-railways-czech.html
⏳ What’s the deal with the massive backlog of vulnerabilities at the NVD? security news – unanalyzed vulnerabilities, impacting patch management efforts and leading to delays in severity score assignments. https://blog.talosintelligence.com/nvd-vulnerability-backlog-the-need-to-know/
🪱 Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm security research https://cloud.google.com/blog/topics/threat-intelligence/apt44-unearthing-sandworm/
🥀 Critical CrushFTP zero-day exploited in attacks in the wild vulnerability https://securityaffairs.com/162067/hacking/crushftp-zero-day-exploited.html
CISA Corner Oracle Releases Critical Patch Update Advisory for April 2024 https://www.cisa.gov/news-events/alerts/2024/04/18/oracle-releases-critical-patch-update-advisory-april-2024 Cisco Releases Security Advisories for Cisco Integrated Management Controller https://www.cisa.gov/news-events/alerts/2024/04/19/cisco-releases-security-advisories-cisco-integrated-management-controller
While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.
(by @wrzlbrmpft@infosec.exchange) Obviously, the opinions inside these articles are not my own. No guarantee for correct- or completeness in any way.