Security News Headlines #120

Security News Headlines for today focus on critical cybersecurity developments, including new vulnerabilities, scams, data breaches, and malware threats. Highlights include a major data leak affecting millions, new advisories from CISA, and the rise of Android malware variants. Also, be aware of evolving threats in cloud security and the latest in scams targeting cryptocurrency users. Stay informed and secure by reviewing today’s key stories.

CISA has added a new vulnerability to its Known Exploited Vulnerability Catalog. This flaw is actively being used by attackers, emphasizing the need for immediate patching. Organizations are urged to update affected systems to reduce their risk of exploitation.

CISA has issued eight new advisories for Industrial Control Systems (ICS). These advisories cover vulnerabilities across multiple platforms that could be exploited to cause significant disruption to industrial operations. Immediate mitigation is recommended to avoid potential attacks on critical infrastructure.

Cybercriminals are taking advantage of virtual shopping lists, using them as a phishing vector to steal credentials and financial information. This new scam targets online shoppers with fraudulent "shared" lists containing malicious links. Users are advised to be cautious and verify the legitimacy of such requests.

Amazon offers six security tips to strengthen AWS Transfer Family servers, including enforcing encryption, using fine-grained access controls, and regularly monitoring logs. Implementing these practices can significantly reduce the risk of unauthorized access and data leaks in cloud environments.

Over 100 million Americans have had their personal data exposed in a significant breach at MC2, a consumer database platform. Early investigations suggest human error as the likely cause of this breach, raising concerns over data management and security practices in handling sensitive information.

This guide provides practical steps for limiting permissions in cloud environments to facilitate effective forensics without excessive access. It highlights the importance of a least-privilege model to reduce potential exposure during an investigation, ensuring secure data handling while identifying security incidents.

A new Android banking trojan, Octo2, is spreading rapidly, posing a serious threat to mobile banking users. The malware can perform on-device fraud and take control of devices remotely. Security experts recommend heightened vigilance and the use of trusted security apps to detect and block this trojan.

UEFI has become the new standard for firmware in modern systems, replacing the legacy BIOS. While it brings advanced features, it also introduces new security risks. The article emphasizes the importance of securing UEFI configurations to prevent low-level attacks that could compromise entire systems.

Cybercriminals hacked OpenAI’s press account on X (formerly Twitter) to promote cryptocurrency scams. This incident highlights the continued risk of social media hijacking, especially for high-profile accounts, as hackers leverage these platforms for financial gain through fraudulent schemes.

Money transfer giant MoneyGram is grappling with an undisclosed cybersecurity incident. The company is investigating the breach, which may have compromised customer data or disrupted services. MoneyGram has yet to release full details but is working with cybersecurity experts to resolve the situation.

Microsoft has implemented new measures to reduce the attack surface of its cloud services. This move is part of a broader effort to strengthen the security of its cloud offerings, particularly in response to rising threats targeting cloud infrastructure. Users should take note of these changes and adjust their security configurations accordingly.

A new variant of the RomCom malware, dubbed Snipbot, has been detected. This malware variant is designed to steal sensitive data from infected machines, with a focus on bypassing traditional detection methods. Organizations should update their defenses to counter this emerging threat.

Several major U.S. companies have unknowingly hired North Korean IT workers posing as freelancers. These individuals have been funneling their earnings back to the North Korean regime. The incident underscores the growing risk of supply chain vulnerabilities and the importance of thorough vetting processes for remote workers.

Over 11 million Android devices were infected by botnet malware distributed through Google Play. The malware was disguised as legitimate apps, evading Google’s security measures. Users are urged to review installed apps and use security tools to detect and remove any malicious software.

The Necro malware, known for targeting Android devices, is exploiting new vulnerabilities to spread more aggressively. This malware can execute crypto-mining operations and compromise device performance. Android users should apply the latest updates and use security solutions to protect against this ongoing threat.
