What are the latest cybersecurity alerts, incidents, and news?
Cyber Alerts
Recent research uncovers a critical flaw in the HTTP/2 protocol’s CONTINUATION frame, dubbed HTTP/2 CONTINUATION Flood. Security researcher Bartek Nowotarski identified this vulnerability, emphasizing the risk it poses to server availability. With multiple implementations affected, immediate software updates are crucial to safeguard against potential attacks, while temporary HTTP/2 disablement could serve as a mitigation strategy.
Cisco Talos tracks the CoralRaider cluster, a Vietnamese-origin cyber threat targeting Asia since May 2023. Using malware like RotBot and XClient stealer, they harvest credentials and financial data, with a focus on business accounts. Telegram serves as their exfiltration conduit, trading stolen information in underground markets for profit.
Cybercriminals exploit Facebook pages mimicking popular AI brands to distribute malware, Bitdefender researchers warn. These fake pages, resembling legitimate AI product hubs, trick users into downloading malware-laden software advertised as AI tools. The campaigns, targeting European users predominantly, leverage Meta’s ad system, underscoring the widespread reach of the malicious activities.
Canva faces scrutiny as the Indian Cybercrime Coordination Centre investigates a surge in cyber fraud incidents linked to the platform. Exploiting Canva’s popularity, criminals engage in phishing and host malicious domains, prompting calls for swift action from authorities. Despite Canva’s wide user base and accessibility across devices, concerns persist over its vulnerability to exploitation by hackers and scammers.
Latrodectus emerges as a newer iteration of the notorious IcedID loader, identified by cybersecurity experts at Proofpoint and Team Cymru. This malware, spotted since November 2023, exhibits unstable and experimental traits, raising concerns about its evolving capabilities. Initially distributed through phishing campaigns by threat actors TA577 and TA578, Latrodectus employs sophisticated tactics such as fake copyright infringement notices and sandbox evasion checks to infiltrate targeted organizations, posing a significant threat to cybersecurity.
Cyber Incidents
Acuity, a technology firm, confirms a cybersecurity incident after hacker IntelBroker claims to have accessed data from US government agencies, including the State Department. While Acuity asserts the compromised data isn’t sensitive, IntelBroker claims to possess “classified communications and information” alongside personal records. As investigations ensue, both Acuity and government agencies are responding to the breach, emphasizing the need for heightened cybersecurity measures.
Hackers infiltrated the Florida Department of Juvenile Justice’s computer network in Tallahassee, prompting a shutdown of crucial systems used statewide. The agency’s spokesperson, Amanda Slama, confirmed the security breach and stated that protecting system integrity remains their top priority. While the extent of the damage is still being assessed, the incident has disrupted operations, with employees resorting to offline methods to manage juvenile cases.
Following a cyberattack last fall, Ontario hospitals, including those in Windsor-Essex, prepare to send letters to over 326,000 impacted patients, detailing the breach. Despite disruptions, most systems are restored, with CEOs emphasizing patient privacy and expressing regret over the incident’s distressing aftermath. The hospitals coordinate with Ontario’s Information and Privacy Commissioner to ensure thorough communication and support for affected individuals.
Diabetes WA acknowledges a breach where a third party accessed personal details, including sensitive data like Medicare numbers, impacting contacts in Australia. Despite the breach, detailed medical records and clinical information remained secure. The organization swiftly closed the compromised account, contained the breach, notified affected individuals, and initiated investigations with relevant authorities and cyber response plans.
Hernando County grapples with an IT network disruption, forcing several services offline and prompting an investigation into the attack. Despite the setback, essential services persevere, with reassurance from County Clerk Doug Chorvat regarding public safety functions remaining operational. The involvement of the FBI suggests a potential overseas origin for the attack, raising concerns about the motive behind the cyber intrusion.
Cyber News
Miami County Commissioners demonstrate their dedication to cybersecurity by approving a 2024 grant for the county’s IT department during the session on April 2. This collaborative effort with CORSA aims to enhance cybersecurity measures, including provisions for implementing an advanced multi-factor authentication process, as emphasized by Adam Emswiler, Director of the IT department. The grant seeks to alleviate financial constraints associated with deploying a comprehensive two-factor authentication system across county agencies, fostering resilience against cyber threats.
In an increasingly digital maritime landscape, cyber threats loom large over vessels worldwide. Despite the recent Francis Scott Key Bridge incident being unrelated to cyber terrorism, it underscores the vulnerability of ships to such attacks, necessitating stringent cybersecurity regulations and industry-wide compliance to safeguard against potential disasters. As the July 1 deadline for new IACS cybersecurity requirements approaches, the maritime sector faces critical challenges in fortifying its defenses against evolving cyber threats, emphasizing the urgent need for robust cyber resilience measures.
The U.S. Department of Commerce’s National Institute of Standards and Technology invests $3.6M to train the cybersecurity workforce, addressing a critical shortage. With grants going to 18 organizations nationwide, efforts focus on aligning local needs with the NICE Workforce Framework. RAMPS projects offer diverse pathways to fill the 450K cybersecurity job openings in the U.S.
Google takes legal action against alleged developers of fraudulent crypto investment apps. The defendants are accused of orchestrating pig butchering scams that target victims through social engineering tactics. The lawsuit alleges misrepresentations to Google, with over 100,000 downloads of deceptive apps.
CISA announces its participation in the MVSP Working Group, aiming to enhance software security. As organizations increasingly prioritize secure technology procurement, the MVSP offers a simplified checklist for vendors and buyers, aligning with CISA’s Secure by Design initiative. By shaping the MVSP’s direction, CISA aims to foster a future where technology prioritizes security from inception.
Copyright © 2024 CyberMaterial. All Rights Reserved.