IT Security Newsletter

IT Security Newsletter - 6/12/2024

Written by Cadre | Wed, Jun 12, 2024

Patch Tuesday, June 2024 "Recall" Edition

Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows users. The software giant also responded to a torrent of negative feedback on a new feature of Redmond's flagship operating system that constantly takes screenshots of whatever users are doing on their computers, saying the feature would no longer be enabled by default. Last month, Microsoft debuted Copilot+ PCs, an AI-enabled version of Windows. READ MORE...

Cylance clarifies data breach details, except where the data came from

BlackBerry-owned cybersecurity shop Cylance says the data allegedly belonging to it and being sold on a crime forum doesn't endanger customers, yet it won't say where the information was stored originally. Saying very little about where the data came from, Cylance says it is related to company marketing between 2015 and 2018, before BlackBerry bought it, and it came from an undisclosed "third-party platform." READ MORE...

City of Cleveland shuts down IT systems after cyberattack

The City of Cleveland, Ohio, is currently dealing with a cyberattack that has forced it to take citizen-facing services offline, including the public offices and facilities at Erieview and the City Hall. With a metropolitan area population of over 2 million people, Cleveland is a vital healthcare, manufacturing, finance, logistics, education, and technological hub and the most significant economic center in Ohio. READ MORE...

China state hackers infected 20,000 Fortinet VPNs, Dutch spy service says

Hackers working for the Chinese government gained access to more than 20,000 VPN appliances sold by Fortinet using a critical vulnerability that the company failed to disclose for two weeks after fixing it, Netherlands government officials said. The vulnerability, tracked as CVE-2022-42475, is a heap-based buffer overflow that allows hackers to remotely execute malicious code. It carries a severity rating of 9.8 out of 10. READ MORE...

ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA

The June 2024 Patch Tuesday brings advisories from several ICS vendors, including Siemens, Schneider Electric and Aveva, as well as the US cybersecurity agency CISA. Siemens has published 14 new advisories that cover more than 120 vulnerabilities. The company has made available patches and/or mitigations for these security holes. A majority of the flaws impact third-party components and their existence has been known since at least last year. READ MORE...

Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities

Google and Mozilla on Tuesday announced the release of Chrome 126 and Firefox 127 to the stable channel with patches for multiple high-severity memory safety vulnerabilities. Chrome 126 includes 21 security fixes, including 18 for defects reported by external researchers. The reporting researchers, Google notes in its advisory, received over $160,000 in bug bounty rewards for their findings. READ MORE...

Police arrest Conti and LockBit ransomware crypter specialist

The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself. The investigation was backed by information shared by the Dutch police who responded to a ransomware attack on a Dutch multinational, followed by data-theft extortion. READ MORE...

Forced-Labor Camps Fuel Billions of Dollars in Cyber Scams

Slammed by border closures in 2020 due to the COVID-19 pandemic as well as by increased scrutiny by authorities, Chinese crime syndicates posing as investors shifted their operations from illicit gambling houses to online cybercrime fraud. The strategy has proven to be phenomenally successful. Four years later, the syndicates continue to take advantage of chaos and corruption in a number of Southeast Asian countries to steal billions of dollars from vulnerable victims worldwide. READ MORE...

WarmCookie Gives Cyberattackers Tasty New Backdoor for Initial Access

A purpose-built Windows backdoor appears to be the new flavor of the month for giving attackers entry into targeted systems; after initial access, they pivot to ransomware delivery and system compromise in a wave of recent attacks. Dubbed WarmCookie by researchers at Elastic Security Labs, the backdoor has been distributed widely in a spate of phishing emails starting in late April by a campaign called REF6127. READ MORE...

  • ...in 1948, comic book writer Len Wein, the co-creator of Marvel Comics' Wolverine and DC Comics' Swamp Thing, is born in New York City.
  • ...in 1965, the Supremes song "Back in My Arms Again" becomes their 5th consecutive single to reach #1.
  • ...in 1987, President Ronald Reagan publicly challenges Mikhail Gorbachev to tear down the Berlin Wall, in a speech at the Brandenburg Gate.
  • ...in 2011, Corvette wins both GT classes in the 24 Hours of Le Mans on Chevrolet's 100th birthday.