π What’s trending in cybersecurity today?
Google Chrome, Browser Crashes, SMS Stealer, Telegram, OAuth, XSS, Black Basta, Ransomware, Cuckoo Spear, Threat Actor, Windows, Microsoft Azure, DDoS Attack, Texas Wasleyan University, Terra Blockchain, Sharp, Cold Lake, Canada, Cyberattacks, US Senate, Online Safety Bill, Meta, Facial Recognition, Settlement, Reserve Bank of India, Payment System Regulations, California DMV, Digital Car Titles, Avalanche, Avax, Lineaje, Funding, Supply Chain Attacks
Listen to the full podcast
π¨Β Cyber Alerts
Google has released a critical security update for its Chrome browser, addressing three significant vulnerabilities, including one that could cause the browser to crash. The update, now available on the Stable channel, brings Chrome to version 127.0.6533.88/89 for Windows and Mac, and 127.0.6533.88 for Linux. The most severe flaw involves uninitialized use in Chrome’s Dawn graphics component, which could allow attackers to exploit the browser, leading to crashes or other malicious activities.
A massive cybercriminal campaign has been discovered targeting Android devices across 113 countries, using thousands of Telegram bots to spread SMS-stealing malware. This operation, identified by Zimperium researchers, has been active since February 2022 and involves over 107,000 distinct malware samples. The malware is distributed through deceptive methods, including malvertising and Telegram bots that promise pirated apps, which then harvest users’ phone numbers to track and exploit their devices.
Security researchers have uncovered a critical vulnerability affecting over one million websites, combining flaws in OAuth implementation with cross-site scripting (XSS) attacks. This vulnerability allows attackers to craft malicious URLs that mimic legitimate OAuth login attempts, intercepting the authentication process and gaining unauthorized access to user accounts.
The Black Basta ransomware group has upgraded its attack methods by deploying new custom malware designed to enhance its evasion tactics and network infiltration capabilities. Originally leveraging the QBot botnet for initial access, Black Basta has shifted to using advanced tools like DarkGate and SilentNight after QBot’s takedown by law enforcement. Recent updates include the use of custom malware such as DawnCry, DaveShell, and PortYard, which facilitate multi-stage infections and establish robust command-and-control connections.
Researchers have unveiled Cuckoo Spear, a new threat actor associated with the APT10 group, demonstrating a sophisticated and persistent cyber espionage campaign. Since December 2019, APT10’s LODEINFO malware has been targeting critical infrastructure and academic sectors, now linked to the newly discovered NOOPDOOR malware. This advanced threat suite uses a multi-layered approach for stealthy infiltration and long-term network access, employing domain-generation algorithm (DGA)-based C2 communication and modular backdoor tactics.
π₯ Cyber Incidents
On July 30, 2024, Microsoft experienced a significant global outage affecting Azure cloud services and Microsoft 365 products, lasting nearly 10 hours. The disruption, which began around 11:45 UTC and ended by 19:43 UTC, was triggered by a Distributed Denial-of-Service (DDoS) attack that overwhelmed Azure Front Door (AFD) components and Azure Content Delivery Network (CDN). Microsoft confirmed that a flaw in their defense mechanisms exacerbated the impact of the attack.
Texas Wesleyan University (TXWES) has announced a data breach that potentially compromised sensitive personal information of individuals, following a network disruption on October 6, 2023. The breach, detected after unauthorized access to certain files, involved personal details such as names, addresses, dates of birth, and Social Security Numbers. In response, TXWES has implemented a range of security measures, including network disconnection, credential resets, and enhanced security protocols.
On July 31, 2024, the Terra blockchain experienced a significant security breach, resulting in the theft of $6.8 million. The exploit, which took advantage of a reentrancy vulnerability in the networkβs Inter-Blockchain Communication (IBC) hooks, allowed attackers to withdraw funds repeatedly. The breach resulted in the loss of 60 million ASTRO tokens, $3.5 million USDC, $500,000 USDT, and 2.7 Bitcoin. Following the attack, Terra temporarily suspended its operations to address the issue.
Sharp Corp. has disclosed a significant data breach affecting over 100,000 customers, following unauthorized access to two of its online services. The company revealed on July 29 that personal information, including names, addresses, and phone numbers of 203 individuals, was compromised. The breach involved Sharpβs Cocoro Store and its food delivery service, Healsio Deli, with potential implications for credit card details. Customers who interacted with these sites between June 23 and 30 may have been exposed to a malicious website.
The City of Cold Lake, Alberta is grappling with a significant cyberattack that has severely disrupted operations across its facilities, including City Hall, the Energy Centre, and the Cold Lake Golf & Winter Club. The breach has affected phone systems, payment processes, and email communications, though city officials report no evidence of compromised personal or sensitive information. IT teams have managed to restore several payment systems and set up temporary terminals, but phone lines remain down, and full recovery may take days or longer.
π’ Cyber News
On July 30, 2024, the U.S. Senate passed the Kids Online Safety and Privacy Act (KOPSA), a groundbreaking piece of legislation aimed at enhancing online protections for children and teenagers under 17. The bill, which merges two significant proposals COPPA 2.0 and the Kidsβ Online Safety Act (KOSA) bans targeted advertising to minors, mandates consent for data collection, and provides tools for deleting personal information.
Meta has reached a historic $1.4 billion settlement with Texas, resolving a privacy lawsuit over the unauthorized use of facial recognition technology. The lawsuit, filed in 2022, accused Meta of violating state laws by capturing and utilizing residents’ biometric data without consent. Texas Attorney General Ken Paxton called the settlement the largest secured by a single state, surpassing previous records. Meta, which has already paid over $2 billion in similar settlements, expressed its commitment to further investments in Texas despite the financial hit.
The Reserve Bank of India (RBI) has announced new regulations aimed at strengthening cybersecurity and resilience in India’s digital payments ecosystem. The ‘Master Directions on Cyber Resilience and Digital Payment Security Controls’ mandate enhanced safety measures for non-bank Payment System Operators (PSOs), including payment gateways and third-party service providers. These regulations require PSOs to implement robust cybersecurity practices, such as online alert mechanisms, mobile payment security protocols, and card payment standards.
The California Department of Motor Vehicles (DMV) has made history by digitizing 42 million car titles on the Avalanche blockchain, a significant advancement in modernizing vehicle title transfers. This groundbreaking initiative, led by Oxhead Alpha, allows Californiaβs residents to manage their car titles digitally through a secure mobile wallet app, utilizing verifiable credentials. The integration of Avalancheβs blockchain technology aims to streamline the title transfer process, reduce physical visits to the DMV, and enhance security by preventing lien fraud with an immutable ledger.
Lineaje, a startup focused on software supply chain security, has secured $20 million in Series A funding to enhance its platform for detecting and mitigating vulnerabilities within software supply chains. Founded in 2021 by cybersecurity veterans Javed Hasan and Anand Revashetti, Lineaje provides tools to identify tampered or outdated open source software and recommends fixes to manage risks.
Copyright Β© 2024 CyberMaterial. All Rights Reserved.
