Friday, August 2nd, 2024
Cybersecurity Week in Review (02/08/24)
DDoS Attack Triggers New Microsoft Global Outage
A global outage of Microsoft services was started by a Distributed Denial-of-Service (DDoS) attack, the tech giant has revealed. An error in Microsoft’s DDoS protection measures then amplified the impact of the attack rather than mitigating it, the firm admitted.
The outage lasted for around 10 hours, between approximately 11.45 UTC and 19.43 UTC on July 30, 2024. During this time customers reported issues with a range of Microsoft platforms, including Outlook, Azure and the video game Minecraft. Microsoft cloud systems Intune and Entra were also impacted.
Source: https://www.infosecurity-magazine.com/news/ddos-microsoft-global-outage/
Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes
A new large-scale campaign has been observed using malicious Android apps to steal users’ SMS messages since at least February 2022. The malicious apps, spanning over 107,000 unique samples, are designed to intercept one-time passwords (OTPs) used for online account verification to commit identity fraud.
The attack starts when a victim is tricked into installing a malicious app on their device, either through deceptive ads mimicking Google Play Store app listings or through any of the 2,600 Telegram bots that serve as the distribution channel by masquerading as legitimate services (e.g., Microsoft Word).
Source: https://thehackernews.com/2024/07/cybercriminals-deploy-100k-malware.html
Critical ServiceNow vulnerabilities being targeted by hackers, cyber agency warns
Two vulnerabilities affecting popular tools from the cloud company ServiceNow are being exploited by hackers eager to steal sensitive data.
On May 14, security experts at the cybersecurity company AssetNote notified ServiceNow of three serious vulnerabilities that could be chained together and used to siphon important organizational data. Companies use ServiceNow’s cloud-based software for everything from employee management to the automation of business processes, and more.
Source: https://therecord.media/critical-servicenow-vulnerabilities-hackers-cisa
Cyberattackers Accessed HealthEquity Customer Info via Third Party
HealthEquity, a Utah-based health savings account (HSA) provider, has disclosed a data breach affecting 4.5 million customers across the US. The incident stemmed from a hack of a data repository maintained by a third party.
The company said in the notice that a hacker managed to breach “an unstructured data repository outside our core systems” containing customer data, making off with various kinds of personally identifiable information (PII).
Meta Settles for $1.4 Billion with Texas Over Illegal Biometric Data Collection
Meta, the parent company of Facebook, Instagram, and WhatsApp, agreed to a record $1.4 billion settlement with the U.S. state of Texas over allegations that it illegally collected biometric data of millions of users without their permission, marking one of the largest penalties levied by regulators against the tech giant.
The development arrived more than two years after the social media behemoth was sued for unlawfully capturing facial data belonging to Texans without their informed consent, as is required by the law.
Source: https://thehackernews.com/2024/07/meta-settles-for-14-billion-with-texas.html
Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs
Multiple ransomware groups have been weaponizing an authentication bypass bug in VMware ESXi hypervisors to quickly deploy malware across virtualized environments.
VMware assigned the bug (CVE-2024-37085) a “medium” 6.8 out of 10 score on the CVSS scale. The moderate score is largely due to the fact that it requires an attacker to have existing permissions in a target’s Active Directory (AD).
New Mandrake Spyware Found in Google Play Store Apps After Two Years
A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years.
The applications attracted a total of more than 32,000 installations before being pulled from the app storefront, Kaspersky said in a Monday write-up. A majority of the downloads originated from Canada, Germany, Italy, Mexico, Spain, Peru, and the U.K.
Source: https://thehackernews.com/2024/07/new-mandrake-spyware-found-in-google.html
Criminal Hackers Add GenAI Credentials to Underground Markets
Cybercriminals are now able to purchase Generative AI (GenAI) account credentials on underground hacker markets along with various other illegal goods. According to the study, around 400 stolen GenAI credentials are being sold by threat actors per day.
The GenAI credentials include those that belong to users of ChatGPT, Quillbot, Notion, Huggingface, and Replit, among many others. eSentire’s cybersecurity research team found that the hackers are selling the credentials for roughly 400 GenAI accounts per day, usually stolen from corporate end users’ computers after they’ve been infected with an infostealer.
Cost of a Data Breach Surges 10% on Shadow Data Challenge
The average total cost of a data breach has increased 10% annually to reach nearly $4.9m, and even higher ($5m) for malicious insider attacks, according to IBM.
The tech giant’s Cost of a Data Breach Report 2024 is based on analysis of 604 organizations impacted by data breaches between March 2023 and February 2024, in 17 sectors and 16 countries and regions. Researchers also interviewed 3556 security and C-suite business leaders with first-hand knowledge of the breaches at their organizations.
Source: https://www.infosecurity-magazine.com/news/cost-data-breach-10-shadow-data/
Security flaws at UK elections agency left door open for Chinese hackers, watchdog finds
The United Kingdom’s privacy watchdog reprimanded the country’s Electoral Commission on Tuesday for failing to protect the personal information of nearly 40 million people accessed by hackers during a cyberattack three years ago.
According to the Information Commissioner’s Office (ICO), the election agency failed to ensure its systems were kept up to date with the latest security updates and did not have sufficient password policies.
Source: https://therecord.media/elections-agency-flaws-ico-hackers