News: Year-Old Veeam Vulnerability Exploited in Fresh Ransomware Attack
Akira and EstateRansomware cybercrime gangs have been exploiting a year-old Veeam Backup & Replication vulnerability in recent attacks.
News: Akira Ransomware: Lightning-Fast Data Exfiltration in 2-ish Hours
The gang’s time from initial access to draining data out of a Veeam server is shockingly fast, after which the attackers went on to deploy actual ransomware in less than a day.
The campaign aims to deploy the Atomic Stealer malware on infected systems. Campaign ads were traced to Hong Kong.
Cyber Savvy AI Antics
Prompt: Create a funny, non-nonsensical paragraph that leverages as many technology and cybersecurity acronyms as possible.
In a world where the CEO was frantically trying to FTP his TPS reports before the VPN expired, the IT department discovered an AI-driven bug in their IoT toaster, which began broadcasting SQL injections via WiFi to every IoT fridge in the office. Meanwhile, the CISO, wearing his best DDoS-resistant tinfoil hat, was busy deploying a BYOD policy that mandated MFA on all LOLcats shared over HTTP. Elsewhere, the CTO was decrypting LOL files with a quantum-powered API while the intern tried to patch a zero-day exploit using a USB filled with GIFs of dancing firewalls. As chaos ensued, the office coffee maker achieved sentience and declared itself the new CIO, promising to replace all Java with espresso-based cybersecurity solutions.
News: Kaspersky Exits U.S. Market Following Commerce Department Ban
Russian security vendor Kaspersky has said it’s exiting the U.S. market nearly a month after the Commerce Department announced a ban on the sale of its software in the country, citing a national security risk.
News: Navigating Insider Risks: Are your Employees Enabling External Threats?
Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable challenge, and the attack requires assistance from the inside to succeed. For example, in 2022, the FBI issued a warning that SIM swap attacks are growing: gain control of the phone and earn a gateway to email, bank accounts, stocks, bitcoins, identity credentials, and passwords. This past spring, current and former T-Mobile and Verizon employees reported receiving unsolicited text messages asking if they would be interested in some side cash in exchange for intentionally enabling the “SIM jacking.”
News: CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices
Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of a widespread outage late last week.
News: KnowBe4 mistakenly hires North Korean hacker, faces infostealer attack
American cybersecurity company KnowBe4 says a person it recently hired as a Principal Software Engineer turned out to be a North Korean state actor who attempted to install information-stealing malware on its devices.
Breach: Email addresses of 15 million Trello users leaked on hacking forum
A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January.
News: Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike.
News: Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks
Two Russian nationals have pleaded guilty in a U.S. court to participating as affiliates in the LockBit ransomware scheme and helping facilitate ransomware attacks across the world.
News: Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike
A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike tool.
News: RockYou2024: 10 billion passwords leaked in the largest compilation of all time
The largest password compilation with nearly ten billion unique passwords was leaked on a popular hacking forum. The Cybernews research team believes the leak poses severe dangers to users prone to reusing passwords.
CMMC: DoD and Congress should walk away from CMMC
In this op-ed, William Greenwalt of the American Enterprise Institute lays out reasons why the DoD and Congress should move away from CMMC 2.0.
Podcast: Up-level your SOC with inside tips
Join Vectra AI’s product team as they explore the latest threats and how to defend against them.
News: The NSA advises you to turn your phone off and back on once a week – here’s why
Powering off your phone regularly, disabling Bluetooth when it’s not needed, and using only trusted accessories are just some of the NSA’s security recommendations.
Vulnerability Vortex
Millions of Devices Vulnerable to ‘PKFail’ Secure Boot Bypass Issue
Several vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices in the first place. |
Critical ServiceNow RCE flaws actively exploited to steal credentials
Threat actors are chaining together ServiceNow flaws using publicly available exploits to breach government agencies and private firms in data theft attacks. |
WhatsApp for Windows lets Python, PHP scripts execute with no warning
A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them. |
Apple Rolls Out Security Updates for iOS, macOS
Apple has released security patches for dozens of vulnerabilities in iOS, macOS, tvOS, visionOS, watchOS, and Safari. |
New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication
Cybersecurity researchers have discovered a previously undocumented Windows backdoor that leverages a built-in feature called Background Intelligent Transfer Service (BITS) as a command-and-control (C2) mechanism. |