IT Security Newsletter

IT Security Newsletter - 4/30/2024

Written by Cadre | Tue, Apr 30, 2024

CISA Rolls Out New Guidelines to Mitigate AI Risks to US Critical Infrastructure

The US government's cybersecurity agency CISA has rolled out a series of guidelines aimed at beefing up the safety and security of critical infrastructure against AI-related threats. The newly released guidelines categorize AI risks into three significant types: the utilization of AI in attacks on infrastructure, targeted assaults on AI systems themselves, and failures within AI design and implementation that could jeopardize infrastructure operations.

FBI warns of fake verification schemes targeting dating app users

The FBI is warning of fake verification schemes promoted by fraudsters on online dating platforms that lead to costly recurring subscription charges. The public service announcement explains that, unlike romance scams, which are often combined with investment fraud such as "pig butchering," these verification schemes rely on recurring monthly charges to the victim. Moreover, victims' registration data is used for further malicious activity, such as identity theft, or sold on cybercrime marketplaces.

'Muddling Meerkat' Poses Nation-State DNS Mystery

During an investigation into the activities of a threat group providing domain name system (DNS) infrastructure for illicit online gambling sites, threat researcher Renée Burton discovered something completely novel: covert traffic, immune to China's government-run firewall, that uses open DNS resolvers and mail records to communicate. The China-linked group, dubbed Muddling Meerkat, has demonstrated its ability to get specific DNS packets through the Great Firewall.

Cactus ransomware targets a handful of Qlik Sense CVEs

Cactus ransomware is actively exploiting critical vulnerabilities in Qlik Sense, a widely used data visualization and business intelligence platform, according to research released Thursday by Fox-IT. Since the campaign began in November, Cactus has exploited vulnerabilities in the Qlik Sense platform, including an HTTP tunneling vulnerability in Qlik Sense for Windows, listed as CVE-2023-48365, according to Fox-IT and a previous blog from Qlik Sense. The vulnerability has a CVSS score of 9.6.

Honeywell: USB Malware Attacks on Industrial Orgs Becoming More Sophisticated

Industrial giant Honeywell has published its sixth annual report on the threat posed by USB-borne malware to industrial organizations, warning of an increase in sophistication. The report is based on analysis conducted by the company's Global Analysis, Research and Defense (GARD) team using data collected by a security product designed to detect and block malware on USB drives used in customers' industrial environments.

How TikTok Grew From a Fun App for Teens Into a Potential National Security Threat

If it feels like TikTok has been around forever, that's probably because it has, at least if you're measuring via internet time. What's now in question is whether it will be around much longer and, if so, in what form. Starting in 2017, when the Chinese social video app merged with its competitor Musical.ly, TikTok has grown from a niche teen app into a global trendsetter, while, of course, also emerging as a potential national security threat, according to U.S. officials.

Account compromise of "unprecedented scale" uses everyday home devices

Authentication service Okta is warning about the "unprecedented scale" of an ongoing campaign that routes fraudulent login requests through the mobile devices and browsers of everyday users in an attempt to conceal the malicious behavior. The attack, Okta said, uses other means to camouflage the login attempts as well, including the TOR network and so-called proxy services from providers such as NSOCKS, Luminati, and DataImpulse, which can also harness users' devices without their knowledge.

R Programming Bug Exposes Orgs to Vast Supply Chain Risk

A high-severity vulnerability in an R programming language process could expose organizations using the popular open source language to attacks via the software supply chain. The vulnerability, assigned CVE-2024-27322, has a CVSS vulnerability-severity score of 8.8 out of 10. It involves R's process for deserializing data, or converting objects encoded in formats such as JSON, XML, and binary, back to their original form for use in an application or program.

  • ...in 1789, George Washington is sworn in as the first U.S. president.
  • ...in 1916, mathematician and engineer Claude Shannon, known as "the father of information theory", is born in Petoskey, MI.
  • ...in 1969, The Beatles record "Let It Be" at Abbey Road Studios.
  • ...in 1985, actress Gal Gadot ("Wonder Woman", "Fast & Furious") is born in Petah Tikva, Israel.