IT Security Newsletter

IT Security Newsletter - 2/14/2024

Written by Cadre | Wed, Feb 14, 2024

Fat Patch Tuesday, February 2024 Edition

Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks. Top of the heap on this Fat Patch Tuesday is CVE-2024-21412, a "security feature bypass" in the way Windows handles Internet Shortcut Files that Microsoft says is being targeted in active exploits.

DOD notifying people who may be impacted by a year-old data breach

The Pentagon is in the process of alerting an undisclosed number of current and former employees, job applicants and partners that their sensitive personal information may have been exposed online in a "data breach incident" that was first detected in early 2023. DefenseScoop viewed a notice - dated Feb. 1, 2024 and sent by the Defense Intelligence Agency to a longtime Defense Department official - encouraging them to sign up for government-provided identity theft protection services.

Integris Health says data breach impacts 2.4 million patients

Integris Health has reported to U.S. authorities that the data breach it suffered last November exposed personal information belonging to almost 2.4 million people. The organization is Oklahoma's largest not-for-profit healthcare network, operating hospitals, clinics, and emergency care units across the state. On December 26, 2023, the organization confirmed it suffered a cyberattack after patients started receiving extortion emails.

BofA Warns Customers of Data Leak in Third-Party Breach

Bank of America has warned customers of a leak of their sensitive data that occurred due to a ransomware attack that breached the environment at technology partner Infosys McCamish Systems (IMS) last autumn. It's an incident that once again highlights the importance of securing access to data and environments across third-party systems. At least 57,028 customers were affected in the breach, according to a data breach disclosure form filed by IMS.

State-backed hackers are experimenting with OpenAI models

For the world's most advanced hackers, large language models are the latest hot productivity tool. In a report published Wednesday, Microsoft researchers said that they have observed hackers from China, Iran, North Korea and Russia experimenting with the use of large language models, but that they haven't yet seen the technology be used to carry out any notable attacks. The rapid proliferation of AI models has raised fears that hackers might be able to use the tech to carry out cyberattacks.

Patch Tuesday: Adobe Warns of Critical Flaws in Widely Deployed Software

Software maker Adobe on Tuesday released patches for at least 30 documented security flaws in multiple products, warning that users are exposed to code execution, security feature bypass and application denial-of-service attacks. As part of its scheduled Patch Tuesday releases, Adobe called urgent attention to critical flaws in the Adobe Acrobat and Reader, Adobe Commerce and Magento Open Source, Substance 3D Painter, and FrameMaker.

SAP Patches Critical Vulnerability Exposing User, Business Data

Enterprise software maker SAP announced the release of 13 new and three updated security notes as part of its February 2024 Security Patch Day, including one addressing a critical vulnerability in the SAP ABA cross-application component. The critical issue, a code injection bug tracked as CVE-2024-22131 (CVSS score of 9.1), could be exploited by an attacker that has remote execution authorization to use a vulnerable interface to invoke an application function and perform actions without permission.

QNAP fixes OS command injection flaws affecting its NAS devices

QNAP Systems has patched two unauthenticated OS command injection vulnerabilities (CVE-2023-47218, CVE-2023-50358) in various versions of the operating systems embedded in the firmware of their popular network-attached storage (NAS) devices. Both vulnerabilities are in the quick.cgi component, though seemingly in a different function. Both were reported to QNAP at the beginning of November 2023.

Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros

The Bumblebee malware loader seemingly vanished from the internet last October, but it's back and - oddly - relying on a vintage vector to try and gain access. First spotted in 2022 by researchers at Proofpoint - who identified it as an apparent replacement for BazarLoader - Bumblebee was originally used by high-profile ransomware groups including Russia-linked Conti. Now it has been spotted buzzing back to life.

Just one bad packet can bring down a vulnerable DNS server thanks to DNSSEC

A single packet can exhaust the processing capacity of a vulnerable DNS server, effectively disabling the machine, by exploiting a 20-plus-year-old design flaw in the DNSSEC specification. That would make it trivial to take down a DNSSEC-validating DNS resolver that has yet to be patched, upsetting all the clients relying on that service and making it seem as though websites and apps were offline.

  • ...in 1948, illusionist and writer Raymond Joseph Teller, AKA the silent half of comedy magic duo Penn & Teller, is born in Philadelphia, PA.
  • ...in 1970, actor Simon Pegg ("Shaun of the Dead", "Mission: Impossible" series) is born in Gloucestershire, England.
  • ...in 1990, the Voyager 1 space probe takes one last photograph of Earth before leaving our Solar System, a 6-billion-mile shot known as "Pale Blue Dot".
  • ...in 2005, the video sharing site YouTube is launched by founders Chad Hurley, Steve Chen, and Jawed Karim.