Security News Headlines #116

Security News Headlines for today cover significant updates from the cybersecurity world, ranging from newly disclosed vulnerabilities to scam tactics and innovations in security tools. Major tech companies like Apple and Google are making waves with critical updates, while threat actors continue to evolve, targeting both individuals and organizations. As usual, we focus on protecting systems, understanding new threats, and mitigating risks in a fast-paced digital landscape. Here are the top stories you need to know.

CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its catalog, urging organizations to patch affected systems. These vulnerabilities, actively exploited in the wild, impact multiple software products and pose serious risks if left unaddressed. Admins are encouraged to review and apply necessary security updates immediately.

Apple Releases Security Updates for Multiple Products
Apple has rolled out security updates across several products, including iOS, macOS, and watchOS, addressing critical flaws. These patches fix vulnerabilities that could allow attackers to exploit systems remotely. Users are strongly advised to update their devices to the latest versions.

Scam Funeral Streaming Groups Thrive on Facebook
Facebook is seeing a rise in fraudulent funeral streaming services that prey on grieving families. These scams promise to stream funerals but steal money and sensitive information instead. Users are urged to be cautious when using such services, particularly from unknown providers on social media.

Using Amazon Detective for IAM Investigations
Amazon has introduced new features in Amazon Detective to streamline investigations into Identity and Access Management (IAM) activities. These enhancements provide deeper insights into suspicious actions involving IAM policies and permissions, helping organizations better monitor and respond to potential security incidents.

0-0-0-0 Day: Exploiting Localhost APIs from the Browser
A new vulnerability has been discovered allowing localhost API exploitation from browsers. This issue stems from misconfigured web services, exposing systems to remote attackers. Security teams are encouraged to secure their API configurations to avoid such attacks.

Chrome Introduces One-Time Permissions
Google Chrome has launched one-time permissions, allowing users to grant temporary access to sensitive data, like location or camera, for a single session. This feature enhances privacy and limits the risk of unauthorized access by apps or sites after the session ends.

Okta's Essence of Security: Customer Trust
Okta emphasizes the importance of security in building customer trust. Their latest report highlights new strategies for reinforcing identity and access management (IAM) security. The focus remains on transparent security practices that foster long-term relationships with clients.

IC3 Issues Alert on Rising Business Email Compromise Scams
The FBI's Internet Crime Complaint Center (IC3) warns of increasing Business Email Compromise (BEC) scams. Cybercriminals target organizations by impersonating trusted entities to steal large sums of money. IC3 urges businesses to improve email security and employee awareness.

VMware vCenter Server Vulnerability CVE-2024-38812
A new critical vulnerability, CVE-2024-38812, has been discovered in VMware vCenter Server, potentially allowing remote code execution. Administrators are strongly advised to apply available patches immediately to mitigate this high-risk threat.

CrowdSec Expands Open-Source, Crowdsourced Protection
CrowdSec, a collaborative cybersecurity platform, has enhanced its open-source solution, enabling users to share threat intelligence and defend against attacks. The platform allows real-time exchange of suspicious activity, helping communities build stronger defenses against cyber threats.

DPRK's Code of Conduct for Cyber Attacks
Researchers have uncovered guidelines used by North Korean hackers, revealing strict "codes of conduct" for cyberattacks. These insights help cybersecurity professionals better understand how DPRK-affiliated groups operate and improve defenses against their tactics.

Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data
A zero-click vulnerability in macOS Calendar allows attackers to remotely execute code and access iCloud data without user interaction. Apple has issued a patch, and users are urged to update their systems to prevent potential exploitation.

Temu Denies Breach After Hacker Claims Theft of 87 Million Data Records
Temu, an online marketplace, denies claims of a massive data breach after a hacker alleged stealing 87 million records. The company insists there is no evidence of unauthorized access, but users are advised to monitor their accounts for suspicious activity.

Google Cloud's Document AI Flaw Exposes Sensitive Information
A flaw in Google Cloud's Document AI service has been discovered, potentially exposing sensitive information processed by the platform. Google has acknowledged the issue and is working on a fix, urging users to follow best practices for data security.

North Korean Hackers Target Energy and Telecom Sectors
North Korean hackers have been linked to targeted attacks on energy and telecom industries. These advanced persistent threats (APTs) aim to disrupt infrastructure and steal sensitive data. Organizations in these sectors are urged to strengthen cybersecurity measures against such threats.

iOS 18 Introduces New Privacy and Security Features
Apple's iOS 18 brings enhanced privacy and security features, including better app tracking transparency and more granular control over data sharing. These updates aim to give users greater control over their personal information and protect against malicious apps.