What are the latest cybersecurity alerts, incidents, and news?
Cyber Alerts
Threat actors exploit Magento flaw (CVE-2024-20720) to implant persistent backdoors in e-commerce sites. Adobe’s February 13 security update addressed the vulnerability, but attackers craftily use layout templates to execute arbitrary commands. This allows for the insertion of a Stripe payment skimmer, compromising financial data.
Hugging Face and similar AI-as-a-service providers face critical risks that allow threat actors to escalate privileges and access other customers’ models. Shared infrastructure vulnerabilities enable attackers to execute arbitrary code, compromising the entire service and accessing sensitive data. Coordinated disclosure and mitigation efforts underscore the importance of caution and security measures when utilizing AI models.
Threat actors exploit employee accounts accessed from work devices as vectors to breach organizational systems. Recent attacks like the LinkedIn phishing scheme underscore the dangers, highlighting the need for heightened vigilance in online interactions.
A phishing campaign targets Latin American Windows users, employing a ZIP file attachment in emails from “temporary[.]link” addresses. Upon extraction, an HTML file leads to a fake invoice download, triggering a series of redirects and ultimately delivering a malicious RAR file with a PowerShell script. Trustwave SpiderLabs warns of similarities to past Horabot malware campaigns, emphasizing threat actors’ evolving tactics to evade detection.
Bogus Adobe Acrobat Reader installers distribute multi-functional malware named Byakugan. Clicking on a link in a Portuguese PDF triggers the installation of malicious DLL files, leading to the deployment of the final payload. Byakugan includes features like system data exfiltration, desktop monitoring, cryptocurrency mining, and keystroke logging, making detection challenging for security analysts.
Cyber Incidents
Turkish hackers breach French government websites, sending messages asserting Turkish nationalist motives. The Cerc website, now under the control of the group “Turkic Hackers Rulez,” displays messages supporting the Gray Wolf movement and demanding action against China’s treatment of Uighurs. This attack adds to a series of cyber assaults in France, including recent breaches targeting ministries, companies, and organizations, raising concerns ahead of the 2024 Olympics in Paris.
Anonymous launches cyber attacks on Israel, targeting Justice Ministry and other institutions. The hackers breach systems, exposing sensitive data and issuing warnings to neighboring countries. Israel remains vigilant amid escalating tensions with Iran, preparing for potential retaliatory actions.
A cyber attack on Citizens Channel raises concerns about media freedom and access to independent information in Albania. The online media outlet faced coordinated efforts to undermine its operations, with posts removed from Facebook and a suspected subsequent DDoS attack on its website. Safe Journalists Albania expressed concern over the compromised profile and security of Citizens Channel, highlighting the shrinking space for quality independent journalism in the face of coordinated attacks and censorship attempts.
CVS Group faces significant disruption after a cyber incident affecting its global veterinary operations. The attack, involving unauthorized external access to IT systems, prompted the company to temporarily take its systems offline to prevent further breaches. While efforts are underway to restore IT services and enhance security measures, operational impacts are expected to persist for weeks.
A cyber attack on Dutch TV channel BabyTV exposes toddlers to Russian propaganda, sparking concerns over children’s channel security. The incident, occurring on Thursday, March 28, disrupted regular programming with unexpected political content, raising questions about satellite transmission system vulnerabilities. Experts caution that this breach, affecting not only the Netherlands but also Portugal and Scandinavia, signals a concerning new frontier in cyber threats to satellite television.
Cyber News
The United States House of Representatives prepares to vote on reauthorizing Section 702 surveillance program next week, sparking debate over national security versus privacy. Critics argue the bill raises privacy concerns while proponents highlight its role in thwarting terror attacks and cyber intrusions. The proposed legislation includes provisions for increased oversight and restrictions on searches targeting Americans, addressing bipartisan pushback and civil liberties advocates’ demands.
Germany is bolstering its military with a dedicated cyber branch to counter Russian cyber aggression. The newly expanded Cyber and Information Domain Service (CIR) will combat hybrid threats and perform electronic warfare, aligning with NATO’s defense priorities. As tensions escalate and cyberattacks persist, Germany fortifies its defenses to safeguard against Russian influence operations and disinformation campaigns.
The National Security Agency (NSA) has appointed Dave Luber as its new cybersecurity director, succeeding Rob Joyce who retired in March after 35 years of service. Luber, with over three decades of experience including roles at NSA and US Cyber Command, will lead efforts to prevent and eradicate cyber threats to national security systems and defense infrastructure. As Luber assumes his new role, the NSA aims to enhance its cybersecurity measures and collaborate with partners to safeguard against evolving cyber threats.
Microsoft reports that Chinese hackers are leveraging AI to exacerbate social tensions in the US, employing generative technology to fuel domestic discord and influence elections. The sophisticated campaigns fabricate content ranging from fake news to AI-generated audio clips, aiming to manipulate public opinion and sow division. With major elections on the horizon, experts warn of the escalating threat posed by AI-driven disinformation tactics orchestrated by foreign actors like China and North Korea.
Cloudflare’s acquisition of Baselime signifies a leap forward in simplifying serverless application development, aligning with their mission to enhance the cloud computing experience. Baselime’s innovative observability platform promises to offer deep insights into the behavior of serverless applications, complementing Cloudflare’s existing suite of cloud computing services. This synergistic partnership aims to streamline the development process and empower developers with comprehensive observability, paving the way for enhanced efficiency and performance in the cloud.
Copyright © 2024 CyberMaterial. All Rights Reserved.