IT Security Newsletter

IT Security Newsletter - 10/24/2024

Written by Cadre | Thu, Oct 24, 2024

North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft

The North Korean advanced persistent threat (APT) actor Lazarus was caught exploiting a zero-day vulnerability in Chrome to steal cryptocurrency from the visitors of a fake game website, Kaspersky reports. Also referred to as Hidden Cobra and active since at least 2009, Lazarus is believed to be backed by the North Korean government and to have orchestrated numerous high-profile heists to generate funds for the Pyongyang regime. READ MORE...

Russian Trolls Pose as Reputable Media to Sow US Election Chaos

In the final days of the 2024 US election season, Russian state-backed actors are pushing enormous amounts of fake news disguised as information from reputable news outlets with the intention of flooding the American news ecosphere with enough garbage to influence who eventually wins the White House. The Kremlin's full-scale propaganda push, named Operation Overload by researchers at Recorded Future who uncovered the effort, is pretty basic. READ MORE...

After concerns of handing Facebook taxpayer info, four companies found to have improperly shared data

Four tax preparation software companies failed to comply with government rules that require the sharing of tax-related info to be done only with specific disclosures and full tax-payer consent, according to an audit released by the Treasure Inspector General for Tax Administration (TIGTA) in the United States. The Internal Revenue Service (IRS) partners with tax professionals and other entities that assist taxpayers in meeting their tax obligations. READ MORE...

'Satanic' data thief claims to have slipped into 350M Hot Topic shoppers info

A data thief calling themselves Satanic claims to have purloined the records of around 350 million customers of fashion retailer Hot Topic. Israeli security shop Hudson Rock reports that the criminal says they have hacked the loyalty account of the fashion megachain, harvesting 350 million customers' PII, including names, emails, physical addresses, and dates of birth. It appears that the leak possibly came from an employee at Robling, a retail analytics business. READ MORE...

LinkedIn bots and spear phishers target job seekers

Microsoft's social network for professionals, LinkedIn, is an important platform for job recruiters and seekers alike. It's also a place where criminals go to find new potential victims. Like other social media platforms, LinkedIn is no stranger to bots attracted to special keywords and hashtags. Think "I was laid off", "I'm #opentowork" and similar phrases that can wake up a swarm of bots hungry to scam someone new. READ MORE...

Samsung Galaxy S24 Hacked at Pwn2Own Ireland 2024

Over $350,000 was paid out on the second day of Pwn2Own Ireland 2024, including for an exploit targeting the Samsung Galaxy S24. With the $516,250 earned by participants on the first day of the event, the total payout at the hacking contest organized by Trend Micro's Zero Day Initiative (ZDI) has already reached nearly $850,000, and there are two more days left. One of the most noteworthy exploits on the second day targeted a Samsung Galaxy S24 smartphone. READ MORE...

Location tracking of phones is out of control. Here's how to fight back.

You likely have never heard of Babel Street or Location X, but chances are good that they know a lot about you and anyone else you know who keeps a phone nearby around the clock. Reston, Virginia-located Babel Street is the little-known firm behind Location X, a service with the capability to track the locations of hundreds of millions of phone users over sustained periods of time. READ MORE...

Voice-enabled AI agents can automate everything, even your phone scams

Scammers, rejoice. OpenAI's real-time voice API can be used to build AI agents capable of conducting successful phone call scams for less than a dollar. There have been concerns that letting AI models interact with convincing, simulated voices might lead to abuse. OpenAI in June delayed its advanced Voice Mode in ChatGPT, which supports real-time conversation between human and model, over safety concerns. READ MORE...

Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575)

Fortinet has finally made public information about CVE-2024-47575, a critical FortiManager vulnerability that attackers have exploited as a zero-day. CVE-2024-47575 is a vulnerability stemming from missing authentication for a critical function in FortiManager's fgfmd daemon. Remote, unauthenticated attackers could exploit the flaw to execute arbitrary code or commands via specially crafted requests. READ MORE...

Microsoft SharePoint Vuln Is Under Active Exploit

A high-severity flaw in Microsoft SharePoint, tracked as CVE-2024-38094, is under active exploit. The bug is a deserialization vulnerability, which is often used as attack vectors by malicious cyber actors and poses a serious threat to federal enterprises. If successfully exploited, it could give threat actors remote code execution capabilities. The vulnerability has earned a CVSS score of 7.2 out of 10. READ MORE...

  • ...in 1861, Western Union completes the first transcontinental telegraph line.
  • ...in 1929, "Black Thursday" -- the largest sell-off of shares in stock market history -- signals the beginning of the Great Depression.
  • ...in 1938, The Fair Labor Standards Act becomes law, establishing the 40-hour work week.
  • ...in 2003, the Concorde makes its final commercial flight.