IT Security Newsletter - 6/7/2024
Pressure mounts on Snowflake and its customers as attacks spread
The fallout from compromised Snowflake customer databases is growing as reports surface of additional businesses impacted by massive data theft. At least four major companies are now reportedly exposed by cyberattacks involving the theft of corporate information stored on Snowflake database environments. Threat analysts have uncovered evidence linking these attacks to the spree of identity-based intrusions Snowflake first disclosed on Friday. READ MORE...
750k Impacted by Frontier Communications Data Breach
Frontier Communications has started notifying over 750,000 individuals that their personal information was stolen in a recent data breach. The telecommunications giant says it identified the incident on April 14, when it was forced to shut down certain systems to contain it. By mid-May, the company had restored all impacted systems. Right from the start, the company revealed that the attackers accessed and exfiltrated certain data from its systems, including personal information. READ MORE...
Russian hacktivists vow mass attacks against EU elections
A Russian hacktivist crew has threatened to attack European internet infrastructure as four days of EU elections begin on Thursday. The NoName57(16) crew, which is one of the pro-Russia hacktivist gangs that sprang up shortly after the invasion of Ukraine, said seven other groups (plus "more teams that wish to remain anonymous") plan to participate in the plan to punish the EU for opposing the illegal invasion of Ukraine. READ MORE...
SolarWinds Patches High-Severity Vulnerability Reported by NATO Pentester
SolarWinds this week announced patches for multiple high-severity vulnerabilities in Serv-U and the SolarWinds Platform, including a bug reported by a penetration tester working with NATO. Rolling out as version 2024.2, the latest SolarWinds Platform iteration includes patches for three new security defects, as well as fixes for multiple bugs in third-party components. The first issue, tracked as CVE-2024-28996, is described as an SWQL injection flaw. READ MORE...
June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft
May 2024 Patch Tuesday was unusual because we had security updates from Adobe, Apple, Google, Mozilla, and Microsoft on the same day. While the updates from each vendor weren't individually that large, managing them together was more challenging. On the Microsoft front, the only Critical update was for SharePoint Server, but there were important updates for Windows 11 with 41 CVEs addressed and Windows 10 with 47 CVEs addressed. READ MORE...
PHP fixes critical RCE flaw impacting all versions for Windows
A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide. PHP is a widely used open-source scripting language designed for web development and commonly used on both Windows and Linux servers. The new RCE flaw, tracked as CVE-2024-4577, was discovered by Devcore Principal Security Researcher Orange Tsai on May 7, 2024, who reported it to the PHP developers. READ MORE...
Ukraine says hackers abuse SyncThing tool to steal data
The Computer Emergency Response Team of Ukraine (CERT-UA) reports on a new campaign dubbed "SickSync," launched by the UAC-0020 (Vermin) hacking group in attacks on the Ukrainian defense forces. The threat group is linked to the Luhansk People's Republic (LPR) region, which Russia has occupied almost in its entirety since October 2022. The hackers' activities commonly align with Russia's interests. READ MORE...
Interpol, FBI Disrupt Moldova-Based Cyber Ring
In a multinational operation conducted by Interpol and the FBI, four individuals have been detained in Moldova for trying to sabotage Red Notice, one of the international police agency's essential tools. The system flags people who are considered wanted criminals to law enforcement organizations globally. According to Moldova's anticorruption chief, the authorities discovered an international criminal organization that is tied to individuals in Russia, Ukraine, and Belarus. READ MORE...
POC exploit code published for 9.8-rated Apache HugeGraph RCE flaw
If you haven't yet upgraded to version 1.3.0 of Apache HugeGraph, now's a good time because at least two proof-of-concept exploits for a CVSS 9.8-rated remote command execution bug in the open-source graph database have been made public. Apache HugeGraph lets developers build applications based on graph databases and is commonly used in Java 8 and Java 11 environments. In late April, the Apache Software Foundation disclosed a critical vulnerability in versions of HugeGraph-Server 1.0.0. READ MORE...
Attacks Surge on Check Point's Recent VPN Zero-Day Flaw
Exploit activity targeting a recent information disclosure flaw in Check Point's VPN technology has soared in recent days, heightening the need for organizations to address the flaw immediately. The vulnerability, identified as CVE-2024-24919, affects software in multiple versions of Check Point's CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances. READ MORE...
- ...in 1946, the BBC resumes its television broadcasts, which had been suspended for the duration of WWII.
- ...in 1958, musician Prince Rogers Nelson, AKA Prince, is born in Minneapolis, MN.
- ...in 1975, Sony introduces the Betamax videocassette recorder for sale to the public.
- ...in 2018, the Mars Curiosity Rover finds organic matter in soil samples, indicating that Mars could have once supported living organisms.