IT Security Newsletter

IT Security Newsletter - 2/9/2024

Written by Cadre | Fri, Feb 9, 2024

FCC bans AI-generated voices, grants states legal authority

The Federal Communications Commission unanimously adopted a new rule on Thursday that bans the use of AI-generated voices in robocalls, granting state attorneys general the authority to pursue legal action against the telemarketing scams. The ruling from the FCC comes shortly after a bipartisan coalition of 26 state attorneys general urged the FCC to take action to restrict the use of AI in telemarketing and just days after New Hampshire authorities traced robocalls using an AI-generated voice of President Joe Biden. READ MORE...

Super Bowl LVIII Presents a Vast Attack Surface for Threat Actors

The outcome of this year's Super Bowl matchup between the Kansas City Chiefs and the San Francisco 49ers on Feb. 11 at the Allegiant Stadium in Las Vegas will likely remain unknown until the last down of the game. But one thing that is already abundantly clear is that attackers will have no shortage of targets to blitz at the event. The NFL's continuing digitization of almost all aspects of the event has opened new vulnerabilities and targets that its security team has had to secure. READ MORE...

AnyDesk Shares More Information on Recent Hack

AnyDesk has shared more information on the recent hacker attack, including when threat actors first breached its systems and the impact of the incident. According to the developer of the popular remote access software, the intrusion was discovered in mid-January and a forensic investigation showed that the hackers first breached its systems in late December 2023. The investigation revealed that the hackers compromised production systems, but there is no indication of stolen credentials or planted malware. READ MORE...

US insurance firms sound alarm after 66,000 individuals impacted by SIM swap attack

Two US insurance companies are warning that thousands of individuals' personal information may have been stolen after hackers compromised computer systems. Washington National Insurance and Bankers Life, both subsidiaries of the CNO Financial Group, were targeted by SIM-swapping hackers in November 2023. As we've described before, SIM-swapping attacks involve fraudsters tricking customer support staff at a cellphone operator. READ MORE...

February 2024 Patch Tuesday forecast: Zero days are back and a new server too

January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs addressed in Windows 10, 35 in Windows 11, and surprisingly no zero-day vulnerabilities from Microsoft to start the new year. January's release was a bit unusual in that we didn't have any updates for Office 2013 and Office 2016, only the online, click-to-run versions had a single-CVE update. That lull didn't last long as the zero-day treadmill has started up again as I'll discuss shortly. READ MORE...

Raspberry Robin devs are buying exploits for faster attacks

Researchers suspect the criminals behind the Raspberry Robin malware are now buying exploits for speedier cyberattacks. An exploit developer is thought by infosec pros to be either on the Raspberry Robin payroll or a close contact that sells exploits to the group - most likely the latter. That's according to Check Point Research (CPR), which has tracked how long it takes for vulnerability exploits to be added as features to the malware. READ MORE...

'Coyote' Malware Begins Its Hunt, Preying on 61 Banking Apps

Researchers have discovered a novel banking Trojan they dubbed "Coyote," which is hunting for credentials for 61 different online banking applications. "Coyote," detailed by Kaspersky in an analysis today, is notable both for its broad targeting of banking-sector apps (the majority, for now, in Brazil), and its sophisticated interweaving of different rudimentary and advanced components. READ MORE...

Round 3! The toothbrush DDoS attack saga continues: Newspaper counters Fortinet's translation claim in contentious interview

The newspaper Aargauer Zeitung published an article claiming that three million IoT-connected toothbrushes had launched a distributed denial-of-service attack against a Swiss company, causing its website to be knocked over for four hours. Hundreds of other news outlets retold the story, assuming it was true. But, it wasn't true. Where had Aargauer Zeitung got the story from? Well, they quoted a security researcher at Fortinet. READ MORE...

HHS settles cybersecurity investigation with Montefiore Medical Center

New York City-based Montefiore Medical Center will pay $4.75 million to settle allegations that data security failures allowed an employee to steal and sell the protected health information of thousands of patients over six months, the HHS' Office for Civil Rights announced Tuesday. Montefiore conducted an investigation after being alerted by law enforcement in 2015, and reported that an employee had taken data from more than 12,500 patients two years earlier and sold it to an identity theft ring. READ MORE...

New Fortinet RCE flaw in SSL VPN likely exploited in attacks

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. The flaw (tracked as CVE-2024-21762 / FG-IR-24-015) received a 9.6 severity rating and is an out-of-bounds write vulnerability in FortiOS that allows unauthenticated attackers to gain remote code execution (RCE) via maliciously crafted requests. To patch the bug, Fortinet recommends upgrading to one of the latest versions. READ MORE...

  • ...in 1964, the Beatles make their first appearance on the Ed Sullivan Show, performing for 73 million viewers across the USA.
  • ...in 1971, Satchel Paige becomes the first player from the Negro Leagues to be voted into the Baseball Hall of Fame.
  • ...in 1986, Halley's Comet last appeared in the inner Solar System.
  • ...in 1987, actor Michael B. Jordan ("Black Panther", "Fruitvale Station") is born in Santa Ana, CA.