IT Security Newsletter - 8/8/2024
"Perfect" Windows downgrade attack turns fixed vulnerabilities into zero-days
A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched before that. The direction of SafeBreach researcher Alon Leviev's probing was inspired by the BlackLotus UEFI bootkit, which was able to bypass the UEFI Secure Boot by exploiting a vulnerability, as well as disable Windows security mechanisms (e.g., BitLocker, HVCI, and Windows Defender) and persist on compromised machines. READ MORE...
Ronin Network hacked, $12 million returned by "white hat" hackers
Gambling blockchain Ronin Network suffered a security incident yesterday when white hat hackers exploited an undocumented vulnerability on the Ronin bridge to withdraw 4,000 ETH and 2 million USDC, totaling $12 million. This figure corresponds to the maximum amount of ETH and USDC that can be withdrawn from the bridge via a single transaction, so this critical security measure prevented the theft of potentially astronomical figures. READ MORE...
ADT confirms data breach after customer info leaked on hacking forum
American building security giant ADT confirmed it suffered a data breach after threat actors leaked allegedly stolen customer data on a popular hacking forum. ADT is a public American company that specializes in security and smart home solutions for residential and small business customers. The firm employs 14,300 people, has an annual revenue of $4.98 billion, and serves approximately 6 million customers across 200 locations in the United States. READ MORE...
Cybercrime Rapper Sues Bank over Fraud Investigation
In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade's social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. The subject of that piece, a 22-year-old Kentucky man, is now brazenly suing his financial institution after it blocked a $75,000 wire transfer and froze his account, citing an active law enforcement investigation. READ MORE...
Cloud storage lockers from Microsoft and Google used to store and spread state-sponsored malware
State-sponsored cyber spies and criminals are increasingly using legitimate cloud services to attack their victims, according to Symantec's threat hunters who have spotted three such operations over recent months, plus new data theft and other malware tools in development by these goons. The security firm's Marc Elias discussed the different groups, and their favorite cloud platforms, during a Wednesday talk at the Black Hat infosec conference. READ MORE...
GhostWrite Vulnerability Facilitates Attacks on Devices With RISC-V CPU
A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed the details of a new vulnerability affecting a popular CPU that is based on the RISC-V architecture. RISC-V is an open source instruction set architecture (ISA) designed for developing custom processors for various types of applications, including embedded systems, microcontrollers, data centers, and high-performance computers. READ MORE...
Vulnerabilities Exposed Widely Used Solar Power Systems to Hacking, Disruption
Researchers at cybersecurity firm Bitdefender claim to have found serious vulnerabilities in widely used solar power systems, potentially enabling attackers to cause disruption and blackouts. The researchers analyzed photovoltaic system management platforms provided by Chinese companies Solarman and Deye, which, according to Bitdefender, are used to operate millions of solar installations worldwide, generating 195 GW, or roughly 20% of the global solar power production. READ MORE...
- ...in 1945, President Harry S. Truman signs the United Nations Charter and the United States becomes the first nation to complete the ratification process.
- ...in 1945, the Soviet Union officially declares war on Japan, pouring more than 1 million Soviet soldiers into Japanese-occupied Manchuria.
- ...in 1974, in an evening televised address, President Richard M. Nixon announces his intention to resign in the wake of the Watergate scandal.
- ...in 1988, the Chicago Cubs host Wrigley Field's first ever night game.