What’s going on in the cyber world today?
North Korea, Job Interviews, Unicode, Obfuscation, Mongolian Skimmer, E-Commerce Sites, Cryptocurrency, Firefox Zero-Day, HCL Technologies, Collaboration Software, Internet Archive, DDoS, CreditRiskMonitor, Perfection Fresh, Sarcoma Ransomware, Louisiana, Vermilion Parish School District, Australia, The Plastic Bag, US Department of Justice, AI Guidelines, Russia, Turkey, Discord Ban, Marriott, $52 Million Settlement, Dutch, Irish, Police, Bohemia, Dark Web Marketplace, Human Security, $50 Million Funding, Fraud Defense, Ad Integrity
Cyber Alerts
1. Fake Interviews Used to Infect Developers
North Korean hackers have launched a sophisticated phishing campaign targeting developers through fake job interviews, spreading cross-platform malware designed to infiltrate both Windows and macOS systems. Dubbed “Contagious Interview” by Palo Alto Networks’ Unit 42, the attackers pose as recruiters on job search platforms, tricking victims into downloading malware disguised as coding assignments. The malware, known as BeaverTail and InvisibleFerret, is capable of stealing browser passwords, cryptocurrency wallet data, and other sensitive information.
2. Hackers Use Unicode to Conceal Skimmer
Cybersecurity researchers have uncovered a sophisticated campaign involving a new digital skimmer known as the “Mongolian Skimmer,” which utilizes Unicode obfuscation techniques to conceal its malicious code. This skimmer targets e-commerce platforms, aiming to steal sensitive financial information entered by users during checkout processes. The code employs a heavy use of invisible Unicode characters, making it challenging for analysts to read and detect.
3. New Malware Campaign Targets Crypto Users
A recent wave of crypto-swiping malware has infected over 28,000 users, primarily targeting devices to mine and steal digital assets. Despite its extensive reach across countries like Russia, Belarus, Uzbekistan, Kazakhstan, Ukraine, Kyrgyzstan, and Turkey, the malware only managed to secure approximately $6,000 in cryptocurrency, according to cybersecurity firm Doctor Web. Disguised as legitimate software, the malware infiltrated users’ devices by masquerading as office tools, game cheats, and online trading bots.
4. Firefox Zero-Day Vulnerability Under Attack
Mozilla has issued an urgent security update for Firefox and Firefox Extended Support Release (ESR) following the discovery of an actively exploited zero-day vulnerability, tracked as CVE-2024-9680. The critical flaw, a use-after-free bug in the browser’s Animation timeline component, allows attackers to execute arbitrary code in the content process. This vulnerability, discovered by ESET researcher Damien Schaeffer, has been patched in Firefox version 131.0.2 and ESR versions 128.3.1 and 115.16.1.
5. HCL Connections Flaw Allows Data Theft
HCL Technologies has identified a critical vulnerability, CVE-2024-30118, in its collaboration software, HCL Connections, which could allow unauthorized access to sensitive data. This flaw, stemming from improper handling of request data, affects versions 7.0 and 8.0 of the platform and has been assigned a CVSS score of 3.5, indicating a low to moderate impact with potential for exploitation through remote attacks requiring limited user interaction.
Cyber Incidents
6. Internet Archive Hit With Major Data Breach
The Internet Archive, a nonprofit dedicated to digitizing and archiving digital materials, recently suffered a significant cyberattack that resulted in a data breach affecting 31 million users. On Wednesday, visitors to the site encountered alarming pop-up messages warning them of a catastrophic security breach. The data breach, confirmed by Have I Been Pwned (HIBP), led to the theft of unique email addresses and usernames. Additionally, the organization faced a distributed denial-of-service (DDoS) attack, with a hacktivist group claiming responsibility.
7. CreditRiskMonitor Breach Affects Employees
CreditRiskMonitor, a provider of intelligence and analytics for credit and supply chain professionals, has disclosed a data breach that may have compromised the personal information of its employees and independent contractors. The company detected unauthorized access to its network on July 19, prompting an investigation that revealed attackers might have viewed or copied personally identifiable information (PII) belonging to affected individuals.
8. Perfection Fresh Hit by Ransomware Attack
Perfection Fresh, one of Australia’s largest privately owned fresh produce companies, has confirmed a ransomware attack by the Sarcoma group, which has claimed to have stolen 690 gigabytes of sensitive data. The cybercriminals published employee passport scans and confidential agreements on their dark web leak site as proof of the breach. In response, Perfection Fresh has secured an injunction to prevent any unauthorized access or dissemination of the leaked data and has advised stakeholders to remain vigilant against potential phishing attempts.
9. Vermilion Parish Schools Face Cyberattack
The Vermilion Parish School District in Louisiana experienced significant disruptions on Monday due to a suspected cyberattack that temporarily compromised its network. Abbeville High School announced on social media that all schools within the district were taken offline as officials investigated the potential breach. In response to the incident, schools altered their phone numbers, accepting only emergency calls, and gradually restored their internet phone lines by midday.
10. Plastic Bag Company Hit With Ransomware
The Plastic Bag Company, a Sydney-based manufacturer, has confirmed it fell victim to a ransomware attack perpetrated by the Sarcoma gang, which has recently emerged in the cybercrime landscape. The attackers claim to have stolen 3.6 gigabytes of sensitive data, including tax returns, passport scans, and wage details, and have already published evidence of the breach online. While the specific ransom demand has not been disclosed, the Sarcoma group threatens to release further data in the coming weeks.
Cyber News
11. US DOJ Developing AI Guidelines for Police
The United States Department of Justice (DOJ) is actively developing comprehensive guidelines for law enforcement agencies on the use of generative artificial intelligence (AI) and facial recognition technologies. As announced by senior counsel Michelle Ramsden, these guidelines aim to enhance public safety while prioritizing privacy safeguards and ethical considerations. The DOJ has finalized an AI compliance plan and is consulting with external experts to ensure responsible deployment of these technologies.
12. Russia and Turkey Block Access to Discord
Russia and Turkey have recently banned the messaging platform Discord, citing the company’s refusal to comply with local regulations regarding content moderation. In Russia, the internet regulator Roskomnadzor announced the restriction, claiming that Discord was being misused for “terrorist and extremist purposes,” as well as drug trafficking. This ban follows a court ruling that fined Discord for not removing prohibited content. Meanwhile, in Turkey, the ban was implemented after a court accused the platform of failing to cooperate with authorities regarding issues like child abuse and online harassment.
13. Marriott Settles for $52M Over Data Breach
Marriott International has reached a $52 million settlement with the Federal Trade Commission (FTC) and 50 state attorneys general in response to a massive data breach linked to its Starwood Hotels subsidiary. The breach, which originated in 2014 but was not detected until September 2018, exposed sensitive information of hundreds of millions of customers, including payment card details and passport numbers. While Marriott admits no liability, the settlement mandates the company to enhance its data privacy and security measures significantly.
14. Bohemia Dark Web Admins Arrested in Europe
Dutch and Irish law enforcement authorities have arrested two alleged administrators of the dark web marketplace Bohemia, a platform primarily known for selling drugs, particularly cannabis products, and offering a limited range of exploits and malware advertisements. The arrests were made following an extensive investigation initiated in late 2022, which revealed that Bohemia operated multiple servers in the Netherlands. A 20-year-old British man was apprehended at Amsterdam’s Schiphol Airport in June, while 23-year-old Irishman Kevin Daniel Andrei was arrested in August.
15. Human Security Raises $50M for Fraud Defense
Human Security has successfully raised over $50 million in a funding round led by WestCap to enhance its click-fraud defense capabilities and expand its advertising integrity solutions. The New York-based company aims to leverage this growth capital to strengthen its data science and engineering teams while pursuing adjacent market opportunities. CEO Stu Solomon emphasized the strategic nature of this funding, stating that it would enable targeted investments in critical areas like bot mitigation and detection quality in digital ecosystems.
Copyright © 2024 CyberMaterial. All Rights Reserved.