👉 What’s happening in cybersecurity today?
Mac Malware, Security Flaws Smart Doorbell Cameras, Phishing Kit, Cryptocurrency, WordPress Plugins, SocGholish Malware, Microsoft Edge, Memory Errors, Virgin Hotels, Tucson’s Casino Del Sol, Taiwan Based Chunghwa Telecom, Data Theft, Auxo Car Dealership Software, Toy Retailer Franz Carl Weber, U.S. Coast Guard, Cyber Defense, NSO Group, Pegasus Source Code, Browser Credential Dumping, Germany, Cybercrime Hub, Iranian National Indicted, Cyber Campaign Targeting U.S.
1. Mac Malware Spread via Calendar Links
Cybercriminals are luring Mac users interested in cryptocurrency with fake calendar invites, installing malware via fabricated meeting links. Brian Krebs flagged the issue while scammers, posing as investors, operate on Telegram channels to entice victims into attending fraudulent meetings about future partnerships. Malwarebytes’ Thomas Reed warns of the threat, explaining how AppleScripts easily gain administrator permissions, facilitating the execution of malicious actions on Mac systems.
2. Smart Doorbell Flaws Exposed
Security vulnerabilities in smart doorbell cameras allow threat actors to remotely access and control the devices, posing significant privacy and safety risks to users. Researchers discovered that several doorbell cameras sold under different brand names share the same flaws, leaving thousands of users vulnerable to surveillance and potential exploitation by malicious actors. Despite some efforts by online marketplaces to remove the flawed products, such as Walmart offering refunds, the continued availability of these devices underscores the need for heightened scrutiny and accountability from e-commerce platforms like Amazon.
3. Phishing Kit Targets Crypto Users via SMS
A novel phishing kit, part of the CryptoChameleon attack cluster, mimics top cryptocurrency services’ login pages, primarily aiming at mobile users. Lookout reports that more than 100 victims were successfully phished, including employees of the FCC, Binance, and Coinbase, and users of various platforms. The sophisticated kit deploys SMS, email, and voice phishing alongside tailored login pages, evading detection with CAPTCHA and real-time customization.
4. SocGholish Malware Attacks WordPress Sites
A resurgence of SocGholish malware has surfaced, now disguising itself within fake WordPress plugins. Typically, SocGholish operates through fake browser updates, but this new tactic involves infiltrating legitimate plugins, exploiting outdated or abandoned ones to distribute the malware. This development underscores the critical need for vigilance in safeguarding WordPress sites against evolving cyber threats.
5. Edge Update Memory Issue Resolved
Microsoft withdrew the Edge 122.0.2365.63 update following widespread user reports of “Out of memory” errors, which caused crashes while browsing or accessing browser settings. The issue stemmed from the Enhanced Web Protection feature, particularly when set to ‘Strict’ protection, prompting users to adjust settings to resolve the bug. Despite previous instances of the bug in Edge Canary, Microsoft released version 122.0.2365.66 to address the memory errors experienced by users.
Virgin Hotels North America’s systems were breached, compromising sensitive data like Social Security numbers (SSNs). The company promptly informed affected individuals and engaged a cybersecurity firm to investigate the incident, revealing unauthorized access to storage server files. Despite uncertainty about the affected parties or locations, over 4,000 individuals’ SSNs were exposed, highlighting the grave risk of identity theft.
Tucson’s Casino Del Sol faced disruptions to various services, including ATMs, following an attempted breach of its systems. Despite efforts to address the situation, the casino continues to grapple with system outages, causing inconvenience to its patrons. The incident highlights the vulnerability of casinos to cyberattacks and the significant financial repercussions they can entail.
Taiwan’s Defense Ministry reveals that threat actors stole sensitive data, including military and government documents, from Chunghwa Telecom, the country’s largest telecom service provider. Leaked information, including government contracts, has surfaced on the dark web, prompting calls for strengthened information security measures to prevent further incidents. Despite assurances from the company that operations remain unaffected, persistent cyber threats, largely attributed to China-linked actors, continue to pose significant challenges for Taiwan’s cybersecurity landscape.
Hackers targeted Auxo, a software company servicing car dealerships and workshops, stealing confidential client information and attempting blackmail. The company has sought legal intervention to prevent the dissemination of client data online and faces the risk of exposure on the dark web if ransom demands are not met. While Auxo’s software is widely used in the automotive industry, the extent of the breach and potential impact on clients remains undisclosed, prompting heightened concern and legal action.
The Black Basta ransomware gang has allegedly stolen over 700 GB of sensitive data from toy retailer Franz Carl Weber, including personal information of employees, according to reports. Despite the confirmation of the attack by the retailer’s parent company, German drugstore chain Müller, details regarding the ransom demand and potential repercussions remain undisclosed. The incident underscores the persistent threat posed by cybercriminals and the urgent need for robust cybersecurity measures to safeguard sensitive data.
The U.S. Coast Guard is ramping up its Cyber Command operations and cybersecurity protection teams to address growing cyber risks in maritime transportation. Rear Admiral John Vann emphasized the need for a comprehensive approach to manage cyber threats during a House Homeland Security subcommittee hearing. President Biden’s executive order and proposed regulations aim to enhance collaboration between federal cyber authorities and U.S. ports, ensuring the safety and security of maritime infrastructure.
A U.S. judge has ruled in favor of Meta, instructing NSO Group to provide its source code for Pegasus and other remote access trojans as part of ongoing litigation. Meta’s lawsuit alleges NSO Group distributed spyware via Meta’s infrastructure, affecting around 1,400 mobile devices, including Indian activists and journalists. While NSO Group isn’t required to disclose its clientele, the ruling represents a significant legal victory for Meta in its battle against cyber espionage.
A new report by cybersecurity firm ReliaQuest highlights a concerning rise in browser credential dumping, affecting 21% of security incidents in 2023. Attackers use various methods, including phishing and exploiting vulnerabilities, to steal usernames, passwords, and other sensitive data stored by browsers, posing significant risks to organizations and individuals alike. As the threat landscape evolves, experts urge robust security measures, including multifactor authentication and password managers, to combat these increasingly sophisticated attacks.
German authorities apprehend operators and users of a major illegal trading site, Crimemarket, known for drug and cybercrime trade. The crackdown, following extensive investigations, led to multiple arrests and the seizure of incriminating evidence, marking a significant blow to cybercriminal operations in Germany. This decisive action underscores law enforcement’s commitment to combating online criminal activities and ensuring cyber safety.
The individual is charged with conspiracy to commit computer fraud, wire fraud, and aggravated identity theft, facing up to 47 years in prison if convicted on all counts. The U.S. Department of State offers a reward of up to $10 million for information leading to his identification or location. Mahak Rayan Afraz, the company Nasab claimed to work for, was previously identified by Meta as a Tehran-based firm with ties to the Islamic Revolutionary Guard Corps (IRGC).
Copyright © 2024 CyberMaterial. All Rights Reserved.