What's going on in the cyber world today?
Qualcomm, LTE Network Vulnerability, AI, Invoice Attacks, Cisco ASA, Chrome, Phishing, Remcos RAT, UAC-0050, Radiant Capital, Orange Spain, Mandiant, MOVEit Transfer, Crunchbase, Windows 11, MacOS Malware, XGold, Dark Web, LastPass, Ransomware.
Cyber Alerts
1. Critical LTE Flaw in Qualcomm Chips
Qualcomm disclosed a critical vulnerability on New Year's Day that would allow remote attacks via malicious voice calls over LTE networks. The January 2024 security bulletin lists a total of 26 vulnerabilities, including four critical vulnerabilities, affecting Qualcomm chipsets. Patches have already been made available to original equipment manufacturers (OEMs) whose devices use Qualcomm chips, including those in the popular Snapdragon series. The most severe bug, tracked as CVE-2023-33025, has a CVSS score of 9.8, involving a classic buffer overflow flaw causing memory corruption during Voice-over-LTE (VoLTE) calls.
2. GXC Team Unleashes AI Invoice Tool
Cybercriminals, known as "GXC Team," have unveiled an AI-powered tool, "Business Invoice Swapper," for creating fraudulent invoices to facilitate wire fraud and Business Email Compromise (BEC). The tool, available on the Dark Web, is offered on a rental basis with subscription plans starting from $2,000 per week or a one-time fee of $15,000 for unlimited access. The AI-driven tool identifies compromised emails, alters banking information in invoices, and targets victims predominantly in the U.K. and EU countries, highlighting the growing sophistication of cybercrime using artificial intelligence.
3. Cisco ASA Vulnerability for Sale
A threat actor named "xc7d2f4" is allegedly selling a remote command injection vulnerability for Cisco ASA, affecting all 55XX series devices. Cisco ASA, known for combining firewall, antivirus, intrusion prevention, and VPN capabilities, is widely used for securing networks and data centers. The sale of this vulnerability on the dark web raises concerns about potential unauthorized access, takeover of critical infrastructure, and the broader impact on affected organizations, including financial losses and reputational damage.
4. Google Chrome Update Enhances Security
Google has rolled out an update to its Chrome browser, reaching version 120.0.6099.199 on Mac and Linux, and 120.0.6099.199/200 on Windows. The Extended Stable channel has also seen updates for both Mac and Windows. This release incorporates crucial security fixes, including addressing issues like use-after-free vulnerabilities in ANGLE and WebAudio, as well as a heap buffer overflow in ANGLE. The company appreciates external researchers' contributions and emphasizes ongoing internal security efforts through audits, fuzzing, and other initiatives, reaffirming its commitment to enhancing browser safety.
5. UAC-0050's Advanced Phishing with Remcos RAT
The UAC-0050 threat actor is employing innovative phishing tactics to deploy the Remcos RAT, a well-known malware for remote surveillance and control. Uptycs security researchers revealed the group's latest strategy, integrating a pipe method for interprocess communication, showcasing their adaptability. Operating since 2020, UAC-0050 historically targets Ukrainian and Polish entities through social engineering campaigns, with its recent activities involving at least three phishing waves and the deployment of the Meduza Stealer information stealer in one attack.
Cyber News
11. Microsoft Unveils AI Key for Copilot
Microsoft has introduced an AI key, marking the biggest change in its keyboards in three decades. The key grants access to Copilot, an AI tool powered by Microsoft's investment in OpenAI, offering users assistance with tasks like searching, writing emails, and image creation. This transformative addition aims to simplify and amplify the user experience on new Windows 11 PCs, reflecting a significant shift in keyboard technology.
12. Surge in macOS Malware in 2023
Security researcher Patrick Wardle reports a 50% increase in new macOS malware families in 2023, totaling 21. The findings encompass various threats, including ransomware like the Mac version of LockBit and Turtle, showcasing cybercriminals' continued interest in targeting Apple devices. Information stealers, notably PureLand, Realst, and others, were prevalent, highlighting a concerning rise in threats against macOS users.
13. Surge in Fake X Gold Accounts Poses Risks
A surge of fake or stolen X Gold accounts has inundated marketplaces and forums on both the surface web and the dark web over the past year, according to CloudSEK. Threat actors have employed various techniques to forge or steal X Gold accounts since the introduction of Elon Musk's verified accounts program in December 2022. The report reveals that cybercriminals use methods like manually creating fake accounts, brute-forcing existing accounts, and using malware to harvest credentials. The dark web prices for these fake or stolen accounts range from $0.30 for a new X account without a checkmark to around $500 for a Gold account, posing risks such as phishing campaigns and reputation damage for the compromised owners.
14. LastPass 12-Character Master Password Rule
LastPass has reinforced its security measures by requiring all users to have a complex master password with a minimum of 12 characters. Despite having this requirement since 2018, users previously had the option to use a weaker password. In addition to the new master password rules, LastPass will now check new or updated passwords against a database of leaked credentials from the dark web to ensure they don't match compromised accounts, enhancing overall account security.
15. Ransomware Surge in US in 2023
The U.S. has experienced a significant rise in confirmed ransomware attacks, increasing from 220 in 2022 to 321 in 2023, according to a report by Emsisoft. The data reveals a 60% surge in attacks on hospital systems, an 82% increase in K-12 school district victims, and a 48% rise in post-secondary schools. The report highlights the escalating impact of ransomware, emphasizing the need for enhanced cybersecurity measures across various sectors to mitigate the growing threat.
Copyright © 2024 CyberMaterial. All Rights Reserved.