<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 6/11/2024

SHARE

Top News

100 Snowflake customers attacked, data stolen for extortion

More than 100 Snowflake customers are caught in a widespread identity-based attack spree targeting the cloud-based data warehouse vendor's customers, Mandiant said Monday in a threat intelligence report. The attacks were not caused by a breach of Snowflake's systems, Mandiant said. "Since at least April 2024, UNC5537 has leveraged stolen credentials to access over 100 Snowflake customer tenants," Mandiant Consulting CTO Charles Carmakal said Monday in a prepared statement. READ MORE...

Breaches

Christie's confirms RansomHub crooks stole data on 45K clients

Auction house to the wealthy Christie's says 45,798 people were affected by its recent cyberattack and resulting data theft. That's according to public filings made with US state attorneys general on Friday, which also included template letters that are being distributed to customers. The letter templates didn't reveal the exact data types involved in the breach, instead, nondescript mail merge code is in its place. READ MORE...


23andMe data breach under investigation in UK and Canada

Privacy authorities in Canada and the United Kingdom have launched a joint investigation to assess the scope of sensitive customer information exposed in last year's 23andMe data breach. The Privacy Commissioner of Canada and The Information Commissioner's Office (ICO) will also look into whether the company had adequate safeguards to secure customer data stored on its systems. The joint investigation will also examine if 23andMe alerted affected individuals and privacy regulators. READ MORE...

Hacking

Massachusetts town loses $445,000 in email scam

A cyberattack on Arlington, Massachusetts, a town located about six miles northwest of Boston, recently lifted nearly half a million dollars from its coffers. Town manager Jim Feeney admitted on June 5 that the town, home to a roughly 46,000 residents, had been the "victim of a cybercrime." "Through what is known as a business email compromise," he wrote, "perpetrators used phishing, spoofing, social engineering, and compromised email accounts to ultimately facilitate wire fraud." READ MORE...

Software Updates

SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver

Enterprise software maker SAP on Tuesday announced the release of ten new and two updated security notes as part of its June 2024 Security Patch Day. SAP's new set of patches includes two high-priority security notes, the most severe of which addresses a cross-site scripting (XSS) bug in Financial Consolidation. According to application security firm Onapsis, the security note addresses two XSS flaws in SAP's product, collectively tracked as CVE-2024-37177 (CVSS score of 8.1). READ MORE...


Apple Patches Vision Pro Vulnerability Used in Possibly 'First Ever Spatial Computing Hack'

Apple on Monday updated visionOS, the operating system powering its Vision Pro virtual reality headset, to version 1.2, which addresses several vulnerabilities, including what may be the first security flaw that is specific to this product. visionOS 1.2 patches nearly two dozen vulnerabilities. However, a vast majority of them are in components that visionOS shares with other Apple products, such as iOS, macOS and tvOS. READ MORE...

Malware

TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers

The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target systems. Attacks started on June 8, less than 48 hours after the release of security updates by PHP's maintainers, and relied on publicly available exploit code. TellYouThePass ransomware is known for quickly jumping on public exploits for vulnerabilities with a wide impact. READ MORE...

Exploits/Vulnerabilities

Critical PHP CVE is under attack - research shows it's easy to exploit

Devcore researchers are warning that a critical argument injection vulnerability in PHP could be exploited to achieve remote code execution. The vulnerability affects all versions of PHP installed on the Windows operating system, researchers said last week. The vulnerability, listed as CVE-2024-4577, has a CVSS score of 9.8 and could allow an attacker to take over an affected system, according to researchers at Censys. READ MORE...


Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers

Vulnerabilities in discontinued Netgear WNR614 routers allow attackers to bypass authentication, intercept communications, and retrieve credentials, Redfox Security warns. A total of six flaws were discovered in the Netgear WNR614 N300 router model running the latest available firmware version, 1.1.0.54_1.0.1, which was released in August 2018. The product was discontinued in 2021. READ MORE...

On This Date

  • ...in 1509, Henry VIII marries his first wife, Catherine of Aragon; their subsequent divorce led to England's split from the Catholic Church.
  • ...in 1776, the Continental Congress appoints the Committee of Five to draft the Declaration of Independence.
  • ...in 1963, two African-American students, Vivian Malone and James Hood, register at the previously segregrated University of Alabama.
  • ...in 1982, "E.T.: The Extra-Terrestrial" opens in U.S. theaters, going on to become one of the highest-grossing films of all time.