cyberlights – week 21/2024

A weekly shortlist of cyber security highlights. The short summaries are AI generated! If something is wrong, missing or in any other way off, please let me know!


🧑‍✈️ Recall feature in Microsoft Copilot+ PCs raises privacy concerns privacy – Microsoft's Recall feature in Copilot+ PCs raises privacy concerns and is under investigation by the UK data watchdog. Users may be able to manage and delete snapshots, but potential risks to privacy and security remain.

🔍 New Windows AI feature records everything you’ve done on your PC privacy – Microsoft's Recall feature records user activities, raising privacy concerns.

🐕‍🦺 Personal AI Assistants and Privacy – Schneier on Security privacy – Bruce Schneier explores the privacy concerns surrounding Microsoft's AI-powered digital assistant, Recall, highlighting the need for trustworthy AI to protect users' data and emphasizing transparency in the development of such systems.

News For All

🌪️ Privacy, human rights, and Tornado Cash privacy – Developer of Tornado Cash service sentenced in laundering case, igniting concerns over financial privacy, law enforcement intervention, and crypto misuse. Privacy rights clash with anti-money laundering laws, sparking debates over encryption and financial surveillance.

🚔 Police caught circumventing city bans on face recognition privacy – Police bypassing facial recognition bans through neighboring agencies.

💰 HHS offering $50 million for proposals to improve hospital cybersecurity security news – HHS funds hospital cybersecurity tools to combat cyberattacks.

💧 EPA will step up inspections of water sector cybersecurity security news – EPA increasing water sector cybersecurity inspections due to rising threats.

🌐 Fi Router Doubles as an Apple AirTag – Krebs on Security security research – Research finds Apple's Wi-Fi geolocation API used to track devices globally.

🧬 Homeland Security has collected DNA data from 1.5 million immigrants in four years, researchers find privacy – DHS collected DNA from 1.5M immigrants for database, raising privacy concerns.

🙅‍♂️ From trust to trickery: Brand impersonation over the email attack vector security research – Talos researchers uncover techniques used by threat actors to embed brand logos in emails for brand impersonation, with insights into detected cases.

👀 A consumer-grade spyware app found in check-in systems of 3 US hotels security news – Spyware app pcTattletale discovered on check-in systems of three Wyndham hotels, enabling unauthorized access to guest details and vulnerabilities, highlighting concerns over privacy and security.

️🧑‍⚖️ Crooks plant backdoor in software used by courtrooms around the world security news

👨‍👩‍👧‍👦 You can now share passwords within your Google family group security news – Google's newest Google Play services update allows family group members to securely share passwords saved in Google Password Manager.

💳 Cyber Signals: Inside the growing risk of gift card fraud cybercrime – Microsoft observes rise in gift card fraud by group Storm-0539 targeting cloud environments for fraudulent gift card creation.

🤖 Google’s “AI Overview” can give false, misleading, and dangerous answers security news – Google's AI Overview sometimes gives humorous or misleading answers, especially when treating jokes as facts and relying on questionable sourcing like troll forums or fan fiction sites.

Some More, For the Curious

🎒 KB4581: Veeam Backup Enterprise Manager Vulnerabilities (CVE vulnerability

📧 New 'Siren' mailing list aims to share threat intelligence for open source projects security news – Siren mailing list for open source threat intelligence sharing.

😮‍💨 Master of Puppets: Uncovering the DoppelGänger pro-Russian influence campaign security research – Pro-Russian influence campaign targets Western democracies.

🪀 Critical Fluent Bit bug affects all major cloud providers vulnerability – Critical vulnerability in Fluent Bit affects major cloud providers.

⏩ Beyond the Basics: Exploring Uncommon NTLM Relay Attack Techniques hacking write-up

👨‍💻 GitHub Enterprise Server patches critical vulnerability vulnerability

🏮 Crimeware report: Acrid, ScarletStealer and Sys01 stealers security research

🌀 5 Reasons Why Every Developer Should Incorporate Common Weakness Enumeration (CWE) into Their Software Development Life Cycle (SDLC) security research

🔚 Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM) vulnerability – Ivanti addressed multiple critical SQL injection vulnerabilities in Endpoint Manager (EPM) 2022 SU5 and prior versions, which allow attackers within the network to execute code.

⚔️ How ransomware abuses BitLocker security news – BitLocker repurposed for ransomware in incident response effort, using VBS script for unauthorized file encryption.

🕵️ Stark Industries Solutions: An Iron Hammer in the Cloud – Krebs on Security cybercrime – Stark Industries Solutions emerged before the Russian invasion of Ukraine and is behind massive DDoS attacks, used to conceal cyberattacks and disinformation campaigns.

🥡 An XSS flaw in GitLab allows attackers to take over accounts vulnerability

🛖 MITRE December 2023 attack: threat actors created rogue VMs to evade detection security news – MITRE Corporation reported a breach in their NERVE network caused by China-linked nation-state actors, who chained two Ivanti Connect Secure zero-day flaws. more info

CISA Corner 👀 [...]remove connectivity on all [...] devices connected to the [...] internet Chromium again, NextGen Healthcare Mirth Connect Apache Flink

While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun... Most of the articles are in English, but some current warnings might be in German.

Obviously, the opinions inside these articles are not my own. No guarantee of correctness or completeness in any way.