Latest Insights in Cybersecurity: Key Developments and Trends
Chapter 1: Current Trends in Cybersecurity
In today's digital landscape, cybersecurity remains a top priority for organizations worldwide. This edition of the Cyber Briefing aims to shed light on pressing issues and recent developments in the field.
Cyber Briefing 2024.08.28: Explore the latest trends and critical cybersecurity incidents that demand attention.
CISA Identifies Major Vulnerability in Apache OFBiz
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a serious flaw in the Apache OFBiz ERP system, designated as CVE-2024-38856. This vulnerability, which has a CVSS score of 9.8, facilitates remote code execution due to an improper authorization process, enabling unauthenticated attackers to exploit it using a specially crafted Groovy payload.
BlackByte Introduces New Encryptor and Tactics
Known for its ties to Conti splinter groups, the BlackByte ransomware group has rolled out a new encryptor, complete with advanced tactics, techniques, and procedures (TTPs). The latest encryptor, marked with the 'blackbytent_h' extension, utilizes a Bring Your Own Vulnerable Driver (BYOVD) method, incorporating a greater number of vulnerable drivers than earlier versions. Recent attacks have seen BlackByte affiliates leverage CVE-2024-37085, an authentication bypass flaw in VMware ESXi, to encrypt multiple virtual machines simultaneously.
Phishing Campaign Using QR Codes Targets Microsoft Sway
A new phishing scheme exploits Microsoft Sway to capture Microsoft 365 credentials. Cybersecurity analysts have discovered that attackers are using Sway, a legitimate platform for creating documents and presentations, to host fraudulent pages that display malicious QR codes. Scanning these codes redirects users to deceptive sites aimed at harvesting login credentials.
Sensitive Data Leaked by Eight Mobile Apps
Research indicates that eight mobile applications for both Android and iOS are inadvertently exposing sensitive user information due to poor security practices. Apps such as Klara Weather, Military Dating App MD Date, and others are transmitting user data—including device details and geolocation—over unencrypted HTTP, rather than the more secure HTTPS.
SQL Injection Vulnerabilities Identified in FileCatalyst
Fortra has issued urgent patches for two critical SQL injection vulnerabilities in its FileCatalyst Workflow software, designated CVE-2024-6632 and CVE-2024-6633. These flaws, disclosed on August 27, 2024, could significantly compromise system integrity and confidentiality, allowing unauthorized changes to databases and exposure of sensitive information.
Cyber Incidents to Note
AMD Experiences Second Cyberattack in 2024
Advanced Micro Devices (AMD) has suffered another significant cyberattack this year, with the IntelBroker group claiming responsibility. This incident follows a previous attack, highlighting a disturbing trend of targeted cyber intrusions. AMD is currently investigating the breach, which reportedly compromised sensitive user credentials and internal information.
ServiceBridge Faces Massive Data Breach
Security researcher Jeremiah Fowler has reported a substantial data breach involving ServiceBridge, a cloud-based management platform. Over 32 million documents, including sensitive business records, were exposed, with leaked data ranging from contracts to HIPAA consent forms, spanning various sectors and countries.
Legacy Capital Advisors Reports Data Breach
Legacy Capital Advisors LLC in Georgia has confirmed a breach affecting employee email accounts, discovered on September 25, 2023. This breach, which began in late July, resulted in the exposure of sensitive information, including names and Social Security numbers.
Banham Poultry Suffers Cyber Attack
A cyber incident at Banham Poultry, a major poultry processing facility in England, led to unauthorized access to employee data. The attack on August 18, 2024, resulted in the theft of personal information such as National Insurance numbers and bank details.
Cucamonga Valley Water District Hacked
The Cucamonga Valley Water District in California is investigating a ransomware attack from August 15, 2024, which disrupted their phone payment system. Fortunately, their water distribution operations and customer database remained unaffected.
Latest Cybersecurity News
Biden Administration Pressures Meta on Content Censorship
A letter from Meta CEO Mark Zuckerberg to Congress reveals that the Biden administration urged the company to censor content related to COVID-19 and allegations involving the Biden family. This included removing certain posts and suppressing reports during the 2020 election.
Australia to Establish New Cyber Advisory Board
Australia is planning to form a new cybersecurity advisory board to support its Commonwealth Cyber Uplift Plan. This initiative, part of the 2023–2030 Australian Cyber Security Strategy, aims to strengthen public-private collaboration and enhance the cybersecurity landscape.
Malta Calls for End to Investigation of Young Hackers
The Nationalist Party in Malta is advocating for the termination of a legal inquiry into four young ethical hackers who reported a vulnerability in the FreeHour app. They argue that the investigation hinders the students' potential in the cybersecurity field.
Check Point to Acquire Cyberint Technologies
Check Point is set to acquire Cyberint Technologies for approximately $200 million. This move aims to enhance Check Point's managed threat intelligence capabilities and improve its defense against internal and external cyber threats.
Notion Exits Russian Market
Notion has announced its withdrawal from the Russian market due to U.S. government restrictions. Effective September 9, 2024, all accounts associated with Russian users will be terminated, and users must export their data by September 8.
Copyright © 2024 CyberMaterial. All Rights Reserved.