What’s going on in the cyber world today?
Chameleon Android Trojan, Microsoft Excel Flaw, Agent Tesla Malware, Phishing Attack, F5 Update, Israel, Instagram Backup Codes, Google Chrome Zero-day, HCL Technologies Faces Ransomware, Real Estate Data Leak, 8BASE Ransomware, X Global Outage, Tallinn Mechanism, Secure by Design Software, HAECHI IV Operation, Trustworthy AI Guidance, AI’s Patent Rejected.
Cyber Alerts
1. Chameleon Trojan Advances Mobile Threats
The notorious Chameleon Android banking trojan returns with advanced tactics, disabling biometrics to pilfer device PINs. Utilizing HTML page tricks and a Zombinder disguise as Google Chrome, it outsmarts users, making it more challenging to detect. Researchers emphasize vigilance, urging users to avoid unofficial APK sources and maintain robust security measures to counter the evolving threat.
2. Excel Flaw Exploited for Agent Tesla Malware
Cyber attackers are exploiting an old Microsoft Office vulnerability, CVE-2017-11882, in Microsoft Excel to distribute the Agent Tesla malware through phishing campaigns. Using invoice-themed emails with decoy Excel documents, the attackers trick users into opening files, initiating an infection chain that exploits the known vulnerability, allowing code execution with user privileges.
3. Fake F5 Alert Spreads Data Wipers
The Israel National Cyber Directorate (INCD) issues a stark warning about a phishing attack targeting the country’s organizations, utilizing fake emails claiming to be F5 BIG-IP zero-day security updates. The attackers, purportedly from the pro-Palestinian hacktivist group Handala, are responsible for the phishing campaign aiming to exploit the F5 BIG-IP zero-day vulnerability. The attack delivers data wipers disguised as security updates to Windows and Linux devices, presenting a serious threat to Israeli networks and underscoring the ongoing challenge of destructive cyber attacks in the region.
4. Instagram Phish Steals 2FA Codes
A phishing campaign masquerading as a ‘copyright infringement’ email targets Instagram users, aiming to steal backup codes for bypassing two-factor authentication. The attackers impersonate Meta, Instagram’s parent company, in emails warning users about copyright complaints, urging them to fill out an appeal form that redirects to phishing pages to steal account credentials and backup codes.
5. Google Patches 8th Chrome Zero Day
Google swiftly responds to an active exploit of the CVE-2023-7024 zero-day vulnerability, marking the eighth time this year that the company addresses such threats in its Chrome browser. The high-severity heap buffer overflow issue in WebRTC, reported by Google’s Threat Analysis Group, poses a risk of remote code execution by corrupting the browser’s memory. As emergency updates are released, users are strongly advised to promptly update their Chrome browsers to the latest versions (120.0.6099.129 for Windows and 120.0.6099.129/130 for Mac and Linux) to mitigate potential security threats and ensure a secure online experience.
6. Mozilla Fixes Firefox Flaw for Code Execution
Mozilla releases Firefox 121 and Thunderbird 115.6 to address 20 vulnerabilities, including high-severity issues like a WebGL heap buffer overflow bug and Minerva side-channel attack vulnerability in NSS NIST curves. The updates also fix medium and low-severity flaws, with potential impacts on remote code execution, sandbox escape, and email spoofing.
7. Stocks Drop Amid HCL Ransomware Incident
HCL Technologies revealed a ransomware attack affecting a specific project in its isolated cloud environment, emphasizing no broader impact on its network. The company undertakes a comprehensive investigation and commits to corrective measures to address the incident, maintaining a focus on cybersecurity and data protection.
8. Privacy Risks in Real Estate
Real estate records of high-profile individuals like Elon Musk, Kylie Jenner, and Britney Spears, as well as millions of regular homeowners, were left unprotected online, with 1.5 billion records exposed. Discovered by cybersecurity researcher Jeremiah Fowler and reported to VPNMentor, the unsecured database belonged to the New York-based Real Estate Wealth Network, revealing property ownership data, internal user logs, and daily logging records. The exposure poses potential risks to privacy, safety, and security, emphasizing the importance of safeguarding personal information and understanding the risks associated with publicly accessible data.
9. Ransom 8BASE Hits US and Canada
The 8BASE ransomware group claims responsibility for cyberattacks on four organizations, including Employ Milwaukee and Davis, Cedillo & Mendoza, Inc. in the US and Horizon Spa & Pool Parts and Socadis in Canada, targeting various sectors such as workforce development, business litigation, pool and spa parts distribution, and book distribution. Despite the severity of the attacks, the targeted organizations’ websites appear unaffected on the front end, indicating a strategic focus on backend systems for unauthorized data access and extortion.
10. Global Outage Hits X Platform
Social media giant X experienced a widespread outage lasting over an hour, affecting more than 47,000 US users and causing access issues for some in the UK and Asia. During the outage, which trended under the hashtag #TwitterDown, users saw a message saying “Welcome to X!” The platform, now owned by Elon Musk, swiftly resolved the issue, with services returning to normal after the short disruption.
11. Ukraine’s Cyber Aid Boosted
International partners, including Canada, Denmark, France, Germany, the Netherlands, Poland, Sweden, Ukraine, the UK, and the US, have launched the Tallinn Mechanism to enhance cyber support for Ukraine. The mechanism aims to coordinate civilian cyber capacity building to help Ukraine defend itself in cyberspace and address long-term cyber resilience needs amid ongoing Russian cyberattacks.
12. CISA Seeks Input on Secure Software
CISA has issued a Request for Information (RFI) seeking input on secure by design software practices, emphasizing the need for collaboration in their ongoing campaign. The RFI addresses key topics such as incorporating security in the software development life cycle, cybersecurity education, recurring vulnerabilities, operational technology, and the economics of secure design.
13. Global Cybercrime Crackdown Nets $300M
A six-month transnational police operation named Operation HAECHI IV, involving 34 nations and funded by South Korea, has led to the arrest of 3,500 alleged cybercriminals and the seizure of $300 million in cash and digital assets. The operation targeted various cyber scams, including voice phishing, romance scams, online sextortion, investment fraud, money laundering related to illegal online gambling, business email compromise fraud, and e-commerce fraud, resulting in a significant increase in arrests compared to previous efforts, according to Interpol.
14. NIST Seeks Input on Trustworthy AI
The U.S. National Institute of Standards and Technology (NIST) is seeking public input on implementing a White House executive order aimed at ensuring safeguards for artificial intelligence. The order from President Biden directs guidelines for AI developers, especially those working on dual-use foundation models, to conduct red-teaming tests, and companies developing AI models with potential risks to national security are required to share test results with the federal government.
15. UK Court Denies AI Patenting
The UK Supreme Court has ruled against granting patents to artificial intelligence (AI), affirming that current laws require inventors to be human entities. The case involves AI researcher Stephen Thaler, who sought patents for ideas generated by his AI system, Dabus, in 2018. The court, upholding the UK Intellectual Property Office’s denial, emphasized that AI is not recognized as a person under existing patent laws, highlighting the legal challenges in adapting to the evolving landscape of AI-driven innovation.