IT Security Newsletter - 2/6/2024

Top News

Deepfake scammer walks off with $25 million in first-of-its-kind AI heist

On Sunday, a report from the South China Morning Post revealed a significant financial loss suffered by a multinational company's Hong Kong office, amounting to HK$200 million (US$25.6 million), due to a sophisticated scam involving deepfake technology. The scam featured a digitally recreated version of the company's chief financial officer, along with other employees, who appeared in a video conference call instructing an employee to transfer funds.


As if 2 Ivanti vulnerabilities under exploit weren't bad enough, now there are 3

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, researchers said Monday. The new vulnerability, tracked as CVE-2024-21893, is what's known as a server-side request forgery. Ivanti disclosed it on January 22, along with a separate vulnerability that so far has shown no signs of being exploited.

Breaches

HPE investigates new breach after data for sale on hacking forum

Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information. The company has told BleepingComputer that they have not found any evidence of a security breach and no ransom has been requested, but it's investigating the threat actor's claims.

Hacking

ResumeLooters target job search sites in extensive data heist

Group-IB identified a large-scale malicious campaign primarily targeting job search and retail websites of companies in the Asia-Pacific region. The group, dubbed ResumeLooters, successfully infected at least 65 websites between November and December 2023 through SQL injection and XSS attacks. Most of the gang's victims were found to be located in India, Taiwan, Thailand, Vietnam, China, and Australia.

Software Updates

Critical Remote Code Execution Vulnerability Patched in Android

Google on Monday announced patches for 46 vulnerabilities in Android, including a critical-severity bug leading to remote code execution. The flaw, tracked as CVE-2024-0031 and impacting Android Open Source Project (AOSP) versions 11, 12, 12L, 13, and 14, was identified in the platform's System component. "The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed," Google explained.

Malware

Pegasus Spyware Targets Jordanian Civil Society in Wide-Ranging Attacks

Journalists, lawyers, and human-rights activists in the Middle Eastern nation of Jordan face increased surveillance from the controversial Pegasus spyware app, with nearly three dozen civilians targeted over the past four years. According to an analysis published by digital rights group Access Now, in total 16 journalists and media staff, eight human-rights lawyers, and 11 other members of human-rights groups and non-governmental organizations were targeted by state-sponsored attackers.

Information Security

Could your Valentine be a scammer? How to avoid getting caught in a bad romance

Online dating has revolutionized how people connect and find love. Now, any of us can flick through an online catalog of potential love interests in the palm of our hands - no more terrible chat-up lines at bars or being set up at awkward 'friend-of-a-friend' double dates. No fewer than 350 million people used dating apps in 2022. These apps also open up a host of opportunities for scammers and hackers to exploit unsuspecting singletons.


How the SEC's Rules on Cybersecurity Incident Disclosure Are Exploited

Data security continues to be a leading challenge for businesses in an always-on, always-connected world. According to data from Qualys' 2023 threat landscape year in review, there were 26,447 vulnerabilities disclosed in 2023, up from 25,050 in 2022. It's the seventh straight year that vulnerabilities have increased. Of those categorized as high risk, hackers publish exploit tools for approximately 25% of them on the same day they're disclosed. Sadly, these numbers aren't surprising.

Exploits/Vulnerabilities

Mitsubishi Electric Factory Automation Flaws Expose Engineering Workstations

Two potentially serious vulnerabilities have been found in factory automation products made by Japanese electronics and electrical equipment manufacturing firm Mitsubishi Electric. In an advisory published last week, Mitsubishi Electric said several factory automation (FA) products are impacted by a high-severity authentication bypass and a critical remote code execution vulnerability.


Double trouble for Fortinet customers as pair of critical vulns found in FortiSIEM

Fortinet's FortiSIEM product is vulnerable to two new maximum-severity security vulnerabilities that allow for remote code execution. Both CVE-2024-23108 and CVE-2024-23109 have been assigned provisional scores of 10 on the CVSS scale, suggesting exploits can be carried out remotely by unauthenticated attackers, are low in complexity, and require no user interaction to pull off.

On This Date

  • ...in 1862, Union forces capture Fort Henry on the Tennessee River, their first major victory in the Civil War.
  • ...in 1952, Elizabeth II becomes queen regnant of the United Kingdom, upon the death of her father George VI.
  • ...in 1959, engineer Jack Kilby of Texas Instruments files the first patent for an integrated circuit.
  • ...in 1962, Guns N' Roses lead singer Axl Rose is born William Bruce Rose in Lafayette, IN.