What are the latest cybersecurity alerts, incidents, and news?
Microsoft, BLOODALCHEMY, ITOCHU, RustDoor, Rapid7, GitLab, XSS, Google, Chrome, Zero-Day, ACSA, Mecklenburg-Western Pomerania, DDoS Attacks, WELT, Belgium, Dreamwall, Cyberattack, Telepro, Singapore, Jumbo Group, Mustafa, Cyber Attacks, The Straits Times, Mpact, De Standaard, US House Committee, Cyber Force Study, National Defense, Facial Recognition, Sports Stadiums, Privacy International, Political Consultant, Biden Deepfake Robocalls, US Federal Communications Commission, FCC, Family Offices, Dentons, National Vulnerability Database, VulnCheck, Exploited Software Bugs.
Cyber Alerts
Microsoft has issued an emergency update to fix a bug causing 0x800f0982 errors on Windows Server 2019. This issue, affecting the installation of May 2024 Patch Tuesday updates, was widespread among non-English language pack users. The KB5039705 update resolves this problem, allowing successful installation of security patches.
Researchers have discovered that BLOODALCHEMY, used in attacks on Southeast Asian governments, is an updated version of Deed RAT, derived from ShadowPad. The malware is injected into a benign process using DLL side-loading and is capable of various malicious activities. BLOODALCHEMY’s development highlights its role in sophisticated cyber espionage campaigns.
Malicious actors exploit Justice AV Solutions software to distribute RustDoor malware via a supply chain attack. The malware establishes a connection with a command-and-control server to execute obfuscated PowerShell scripts and download additional payloads, posing a significant security threat.
GitLab has addressed an XSS flaw that allows attackers to hijack accounts and is urging immediate upgrades for all installations. The vulnerability, tracked as CVE-2024-4835, poses a significant threat and requires user interaction for exploitation.
Google has swiftly addressed a high-severity vulnerability, CVE-2024-5274, that was exploited in the wild, marking the fourth zero-day patched recently. The update, Chrome version 125.0.6422.112, includes critical security fixes, and users are urged to update promptly to safeguard their browsing experience.
Cyber Incidents
Nearly 55,000 individuals have been notified of compromised data following a cyberattack on ACSA, the largest school administrators’ association. The breach, discovered in September 2023, exposed sensitive information, including Social Security numbers and payment card details. Despite no evidence of identity theft, impacted individuals receive 12-month credit monitoring.
Hacker activity has partially paralyzed the websites of the state government and police of Mecklenburg-Western Pomerania, Germany. Since Thursday morning, access to various state government, state police, and Office for the Protection of the Constitution websites has been limited, as announced by the government in Schwerin.
Dreamwall’s installations in Marcinelle unavailable since Wednesday due to Akira ransomware attack. RTBF weather presenter Caroline Dossogne relocated amid technical issues. RTBF and local media unable to produce weather reports; TV5MONDE airs shortened program without explanation.
Well-known Singapore firms Jumbo Group and Mustafa face cyber attacks. Jumbo Group confirms a recent ransomware incident, activating its business continuity plan with no significant operational impact reported. Meanwhile, Mustafa deals with a data leak after a cyber attacker claims to have stolen personal information from customers and employees.
Hackers target shared mobility provider Mpact, crippling services including Cambio’s phone exchange. Mpact director Angelo Meuleman suspects ransomware and calls in Federal Police. Mobitwin, serving 40,000 users, affected; Mpact races to restore services.
The House Armed Services Committee, in a late-night session, unanimously approved a provision calling for an independent study on the creation of a U.S. Cyber Force. This requirement was added to the House version of the defense policy bill, marking a significant step towards addressing mounting bipartisan frustration over the existing military branches’ failure to adequately support U.S. Cyber Command.
Privacy International’s plea to the UN highlights concerns over facial recognition’s intrusion at sports events, urging regulation. They fear its widespread use could suppress fundamental rights and lead to discrimination, calling for stringent oversight and remedies for violations.
A political consultant, Steven Kramer, faces charges for distributing AI-generated deepfake robocalls impersonating President Biden in New Hampshire, prompting the FCC to propose hefty fines against Lingo Telecom, the carrier facilitating the calls. The FCC’s Chief of the Enforcement Bureau emphasized swift action to prevent misuse of AI in elections. This marks a significant concern as the FCC warns of AI’s potential impact on the 2024 elections and proposes new rules to ensure transparency in political advertising.
A new survey reveals growing cyber threats to North American family offices, with 25% reporting attacks in 2023. As lucrative targets for hackers due to wealth and minimal staff, family offices often lack adequate defenses and training against cybercriminals, experts warn. Despite rising awareness, many offices lag in developing robust cyber risk management processes, leaving sensitive financial information vulnerable to attacks.
A recent VulnCheck report unveils that most exploited software vulnerabilities evade NVD analysis. Out of 59 known exploited vulnerabilities since February 12, 30 remain unexamined by the NVD team. This alarming revelation highlights the rapid weaponization and exploitation of vulnerabilities. Despite initiatives like CISA’s Vulnrichment program, significant challenges persist in vulnerability analysis and mitigation.
Copyright © 2024 CyberMaterial. All Rights Reserved.