IT Security Newsletter - 9/18/2024
Valid accounts remain top access point for critical infrastructure attacks, officials say
Valid account access was the most common and successful attack path into critical infrastructure environments during the U.S. government's 2023 fiscal year, which ended Sept. 30, 2023, federal cyber authorities said in a Friday report. Attackers used access to valid accounts in 2 in 5 successful critical infrastructure intrusions last year, according to the Cybersecurity and Infrastructure Security Agency and U.S. Coast Guard Cyber Command's annual risk and vulnerability assessment.
Temu denies breach after hacker claims theft of 87 million data records
Temu denies it was hacked or suffered a data breach after a threat actor claimed to be selling a stolen database containing 87 million records of customer information. The threat actor put the alleged data up for sale yesterday on the BreachForums hacking forum, along with a small sample to serve as proof of the stolen data. Temu says it has examined and cross-checked the data samples with its database, but no matches were found.
Cops across the world arrest 51 in orchestrated takedown of Ghost crime platform
Hours after confirming they had pwned the supposedly uncrackable encrypted messaging platform used for all manner of organized crime, Ghost, cops have now named the suspect they cuffed last night, who is charged with being the alleged mastermind. Australian national Jay Je Yoon Jung, 32, of Narwee, New South Wales, was arrested by the Australian Federal Police (AFP) and faced five charges in a Sydney court today in relation to the development and administration of Ghost.
'Marko Polo' Creates Globe-Spanning Cybercrime Juggernaut
The Marko Polo cybercrime gang represents a growing, global financial threat, steering at least 30 ongoing fraud campaigns at the same time and wielding an arsenal of sophisticated malware that has compromised tens of thousands of devices so far. That's according to Recorded Future's Insikt research arm, which noted the group's scams are going after individuals and organizations alike by impersonating popular brands such as Zoom, Discord, and OpenSea.
Ransomware gangs now abuse Microsoft Azure tool for data theft
Ransomware gangs like BianLian and Rhysida increasingly use Microsoft's Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage. Storage Explorer is a GUI management tool for Microsoft Azure, while AzCopy is a command-line tool that can facilitate large-scale data transfers to and from Azure storage. In attacks observed by cybersecurity firm modePUSH, the stolen data is then stored in an Azure Blob container in the cloud.
VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest
Broadcom-owned VMware on Tuesday rolled out critical-severity patches to cover a pair of vulnerabilities in its vCenter Server platform and warned that there's a major risk of remote code execution attacks. The most severe of the two, tagged as CVE-2024-38812, is documented as a heap-overflow in the Distributed Computing Environment / Remote Procedure Call (DCERPC) protocol implementation within vCenter Server.
Due to AI fakes, the "deep doubt" era is here
Given the flood of photorealistic AI-generated images washing over social media networks like X and Facebook these days, we're seemingly entering a new age of media skepticism: the era of what I'm calling "deep doubt." While questioning the authenticity of digital content stretches back decades - and analog media long before that - easy access to tools that generate convincing fake content has led to a new wave of liars using AI-generated scenes to deny real documentary evidence.
CISA Urges Software Makers to Eliminate XSS Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are urging organizations to focus on eliminating cross-site scripting vulnerabilities in their products before shipping them. "Vulnerabilities like cross-site scripting (XSS) continue to appear in software, enabling threat actors to exploit them," the agencies wrote in their latest Secure by Design alert.
- ...in 1793, George Washington lays the cornerstone to the United States Capitol building.
- ...in 1927, Columbia Broadcasting System (known today as CBS) first goes on the air.
- ...in 1945, Gen. Douglas MacArthur moves his command headquarters to Tokyo.
- ...in 1971, American cyclist Lance Armstrong is born in Plano, TX.