👉 What’s the latest in the cyber world today?
Trustwave SpiderLabs uncovered a fresh phishing scheme that uses a new loader malware to deliver the notorious Agent Tesla, a dual-threat information stealer and keylogger. The phishing email poses as a bank notification and entices victims into opening a disguised archive file, which initiates the covert deployment of Agent Tesla on their systems. The attack employs obfuscation and polymorphic behavior, marking a significant evolution in adversary tactics that enhances their ability to evade detection and exfiltrate sensitive data stealthily.
Threat hunters uncover SqzrFramework480 on NuGet, a package suspected of targeting developers of Chinese industrial equipment tools. Uploaded by “zhaoyushun1999,” it includes a DLL for screen capture and remote pinging, raising security concerns. The finding highlights the risk of malicious code concealed within ostensibly benign software and urges users to exercise caution.
A new hacking campaign named “ShadowRay” targets an unpatched flaw in Ray, an open-source AI framework, aiming to hijack computing resources and leak sensitive data from diverse industries. Ray is used by major organizations like Amazon and Netflix, and the attacks, ongoing since September 5, 2023, have exploited vulnerabilities in it to infiltrate thousands of companies across sectors including education, cryptocurrency, and biopharma. With hundreds of Ray servers compromised, hackers gain access to AI models, production database credentials, and cloud tokens, showcasing the severity of the breach and the urgent need for heightened security measures.
Two China-linked APT groups, including Mustang Panda, target ASEAN nations with PlugX backdoor variants. The attacks coincide with the ASEAN-Australia Special Summit, leveraging phishing emails to deliver malware packages containing PUBLOAD and rogue DLLs. Unit 42 detects breaches, highlighting ongoing cyber espionage aimed at geopolitical intelligence within the region.
The German cybersecurity authority sounds the alarm on 17,000 vulnerable Exchange servers, urging immediate action. With a significant portion still on outdated versions and lacking critical patches, institutions like schools, clinics, and local governments are at risk. Admins are urged to update to current versions, install security patches promptly, and secure online instances to mitigate threats.
Munchables, an Ethereum layer-2 NFT game, faces a devastating $62-million exploit, as reported by blockchain analyst ZachXBT. The exploit, allegedly orchestrated by a North Korean developer hired by the Munchables team, involved manipulating the Lock contract to extract a massive Ether balance before the launch. Concerned users have called on the Blast team to roll back the chain and mitigate the damage, highlighting the urgency of addressing vulnerabilities in blockchain-based gaming platforms.
Gilmer County, Georgia, faces service interruptions due to a ransomware attack, confirmed by an official notice. Despite efforts to respond and secure affected systems, delays are anticipated as investigations continue. With assistance from federal law enforcement and cybersecurity experts, the county assures residents that essential services, including 911, remain operational amidst the incident.
Curio, a real-world asset (RWA) liquidity firm, faced a smart contract exploit resulting in a $16 million loss. Despite the breach, Curio reassured users that only the Ethereum side was affected, with Polkadot and Curio Chain contracts remaining secure. Cyvers estimated the exploit losses at $16 million, with Curio publishing a post-mortem and compensation plan for affected users.
The Big Issue, a renowned UK street newspaper aiding the homeless, faces a ransomware attack, compromising 550 gigabytes of confidential data, including commercial and personnel files. Despite the cyber incident, CEO Paul Cheal assures proactive measures are taken, restoring limited system operations and ensuring the magazine’s publication and distribution remain unaffected. This attack reflects a concerning trend as ransomware incidents against British organizations continue to rise annually, highlighting the urgent need for enhanced cybersecurity measures.
The Vocational Training Institute of Lower Austria grapples with a cyber attack involving data encryption and extortion attempts. Thanks to prompt detection by IT specialists, potential damage is mitigated, although internal documents crucial for daily operations have been compromised. The institute remains vigilant in navigating the aftermath and bolstering its cybersecurity defenses to prevent future incidents.
11. Biden’s AI Accountability Push
The Biden administration advocates for mandatory audits of high-risk AI systems and clearer liability guidelines. Highlighting the need for accountability, the NTIA report emphasizes the importance of independent AI system evaluation and consequences for mismanagement of risks. These recommendations align with President Biden’s executive order on AI, aiming to empower stakeholders in holding developers and deployers accountable for AI-related risks.
Amid preparations for the upcoming European Parliament elections in June, the European Commission unveils stringent guidelines for major tech platforms under the Digital Services Act, targeting those with over 45 million active users in the bloc. Fines of up to 6% of global turnover await platforms found in breach of these rules, designed to curb interference risks, particularly from external actors like Russia.
Google unveils Kernel Address Sanitizer (KASan) to bolster lower-level firmware security. Traditionally, firmware has received less scrutiny than other areas of device security. Google’s proactive approach aims to mitigate vulnerabilities before they impact user devices by catching memory corruption issues and stability problems.
Portugal’s data regulator, CNPD, has ordered Worldcoin to cease biometric data collection for 90 days, citing concerns over citizens’ data protection rights. Worldcoin, a project by Tools for Humanity, offers cryptocurrency in exchange for biometric data, aiming to create a global digital identity system. However, complaints about unauthorized data collection from minors and deficiencies in information provision prompted the regulator’s intervention.
U.S. prosecutors have charged KuCoin and its founders with violating anti-money-laundering laws, alleging the exchange operated illegally and failed to implement adequate compliance measures. The indictment accuses KuCoin of violating the Bank Secrecy Act and operating an unlicensed money transmitting business, with two founders facing related conspiracy charges. Despite KuCoin’s statement affirming adherence to regulations, the exchange’s regulatory troubles escalate amid allegations of facilitating billions in suspicious and criminal proceeds since 2017.
Copyright © 2024 CyberMaterial. All Rights Reserved.