What’s trending in cybersecurity today?
Spectre, Linux Kernel, Windows, Rust Library Exploit, Microsoft Azure Kubernetes Patch, Cryptomining Botnet, RUBYCARP Hackers, LG WebOS Vulnerabilities, Paris Saint-Germain, Wisconsin Healthcare, GHC-SCW, Ransomware Breach, Australia, Motorcycle, Genios Database, Germany Crypto Investor, Chrome Extension, Microsoft Invest, Japan AI Boost, Tesla, Autopilot Crash Lawsuit, Cyera, The Sun, Phone-Hacking.
Cyber Alerts
Cybersecurity experts have unveiled the “first native Spectre v2 exploit” targeting the Linux kernel on Intel systems, dubbed Native Branch History Injection (BHI). The exploit, tracked as CVE-2024-2201, bypasses existing mitigations and allows the leakage of arbitrary kernel memory, posing a significant security risk to affected Intel systems.
A critical flaw in the Rust standard library enables threat actors to conduct command injection attacks on Windows systems, as identified by CVE-2024-24576. GitHub’s critical severity rating underscores the gravity of the vulnerability, which allows remote exploitation without user interaction. The Rust Security Response WG has addressed the issue by enhancing escaping code and modifying the Command API to prevent arbitrary command execution.
Microsoft has urgently released a major batch of security patches, addressing over 150 vulnerabilities, highlighting a critical flaw in Azure Kubernetes Service (AKS) that could grant full control to unauthorized hackers. The vulnerability, CVE-2024-29990, poses a severe risk with a CVSS score of 9/10, allowing unauthenticated attackers to compromise confidential containers beyond the service’s security scope, Microsoft warns. This extensive patch bundle also covers remote code execution bugs in Microsoft Defender for IoT and critical issues across various Microsoft products, marking one of the largest security updates from the tech giant since 2017.
A threat group known as RUBYCARP, suspected to be of Romanian origin, has been operating a sophisticated botnet for over a decade, engaging in crypto mining, DDoS attacks, and phishing campaigns. According to reports from Sysdig, the group utilizes a variety of public exploits and brute-force techniques to maintain its botnet, communicating through both public and private IRC networks.
Bitdefender uncovers critical flaws in LG smart TVs’ WebOS, allowing unauthorized access and control. Exploits range from bypassing authorization mechanisms to command injection. Vulnerable devices, exposed to the internet, pose risks including remote command execution and potential inclusion in botnet attacks.
Cyber Incidents
Paris Saint-Germain (PSG), a prominent French football club, faces a cyber attack, with its ticketing system under siege just ahead of the Champions League quarter-finals. Following swift detection by the club’s cybersecurity team, PSG promptly fortified its defenses and notified regulatory authorities of the breach, demonstrating a proactive approach to cybersecurity and transparency.
In January, Group Health Cooperative of South Central Wisconsin (GHC-SCW) fell victim to a ransomware gang, compromising the personal and medical details of over 500,000 individuals. Despite failing to encrypt devices, the attackers managed to copy sensitive data, including protected health information (PHI), leading to a subsequent data breach announcement. As GHC-SCW implements enhanced security measures to prevent future incidents, affected individuals are urged to remain vigilant and report any suspicious activity promptly.
A major Australian motorcycle distributor, MotorCycle Holdings, disclosed a data breach originating from unauthorized access to a third-party vendor’s web server. The breach affected two websites under its MOJO Motorcycles business, potentially exposing customer personal information. While affected customers will be individually notified, MotorCycle Holdings assures that its internal systems remain secure and operational despite the breach.
German database company Genios faces a ransomware attack that has rendered its servers unavailable for several days, impacting media organizations, universities, and libraries. The Munich-based company, a subsidiary of major media groups including Frankfurter Allgemeine Zeitung and Handelsblatt, offers critical archives and business information; the outage affects educational institutions like Kempten University and customers like University of Giessen and Heilbronn City Library.
A cryptocurrency investor, known as “Sell When Over,” fell victim to two malicious Google Chrome extensions, allegedly resulting in an $800,000 loss. Suspecting keyloggers embedded in the extensions, the investor speculates that their confidential information, including seed phrases for cryptocurrency wallets, was compromised.
Cyber News
According to Nikkei, Microsoft will inject $2.9 billion into its AI endeavors in Japan over two years. The investment will include the installation of AI semiconductors and a reskilling program for three million workers. Additionally, OpenAI is set to open a Tokyo office after Microsoft’s $13 billion investment last year.
The UK Government’s Cyber Security Breaches Survey 2024 reveals that half of UK businesses and two-thirds of charities have suffered cyber incidents or data breaches in the past year, marking an increase from the previous year’s statistics. Phishing emerges as the primary attack vector for both businesses (84%) and charities (83%), underscoring the pervasive threat landscape.
Tesla has quietly resolved a five-year legal battle with the family of an Apple engineer who died in a 2018 crash while driving in Autopilot mode. The terms of the confidential agreement were filed in a California court document, shielding the settlement amount from public view. This resolution spares Tesla from a highly publicized trial that could have scrutinized its Autopilot and Full Self-Driving software.
Cyera, a data security firm, secures $300 million in Series C funding, elevating its valuation to $1.4 billion. Prior funding rounds totaled $160 million, with the company emerging from stealth mode in 2022 and announcing additional funding in 2023.
The Sun grapples with financial losses totaling £515M over five years, exacerbated by declining print sales and ongoing phone-hacking litigation, as its online audience dwindles by 4 million readers. Despite efforts to combat inflationary pressures and challenging advertising markets, the tabloid faces significant setbacks in revenue and readership.
Copyright © 2024 CyberMaterial. All Rights Reserved.