Security News Headlines #70

Today's newsletter covers a range of important updates on new vulnerabilities, recent attacks, and emerging trends in cybersecurity. Highlights include the latest from Talos Intelligence, insights on ransomware, and critical advisories from CISA. Stay informed to keep your systems secure and ahead of potential threats.

Cisco Talos Intelligence reports multiple vulnerabilities in software from Adobe, Apple, Microsoft, and other vendors. These vulnerabilities range from remote code execution to privilege escalation, requiring immediate updates.

Symantec’s Q2 2024 report highlights a significant increase in ransomware attacks targeting healthcare and financial sectors. The report emphasizes the need for robust backup strategies and employee training to combat these threats.

Analyzing malicious domain data reveals trends in ransomware and infostealer activities. Organizations can use these insights to enhance their cybersecurity strategies and defenses.

Kaspersky reports a rise in spear-phishing campaigns targeting large groups with tailored emails. These attacks aim to steal credentials and spread malware; users are urged to remain vigilant and verify email sources.

XM Cyber outlines three strategies to address the cybersecurity skills gap: investing in training programs, leveraging automation, and fostering cross-functional teams. These steps can help organizations build stronger security postures.

A new report details Russia’s extensive use of bot farms to spread disinformation on social media. The bots are used to influence public opinion and disrupt democratic processes.

A recently discovered PHP vulnerability is being exploited to distribute malware. Attackers use this flaw to inject malicious code into websites; admins are urged to update their PHP versions immediately.

Citrix has issued a warning about a critical flaw in NetScaler’s management console that could allow attackers to gain unauthorized access. Users should apply the recommended patches promptly.

Apple has alerted iPhone users in 98 countries about spyware attacks by mercenary groups. The spyware targets vulnerabilities in iOS, emphasizing the need for regular software updates.

A critical SQL injection vulnerability in VMware Aria Automation has been discovered, which could allow attackers to access sensitive information. Users are advised to update their systems immediately.

Palo Alto Networks’ Unit 42 reports that DarkGate malware is being distributed through Excel files. The malware can steal sensitive data and install additional malicious software.

ViperSoftX malware uses AutoIT scripting to run PowerShell commands covertly. This technique allows the malware to avoid detection and carry out malicious activities silently.

Akamai reports that an exploit for a newly disclosed PHP vulnerability was released just one day after its disclosure. This rapid development highlights the importance of immediate patching.

SC Magazine discusses the blind spots in detecting and preventing account takeover attacks. Implementing multi-factor authentication and monitoring for unusual activities can help mitigate these risks.

Threat actors exploited a Windows zero-day vulnerability for more than a year before it was patched by Microsoft. This long exploitation period underscores the need for regular security audits.

Fujitsu confirmed it suffered a worm attack, not a ransomware attack, as initially suspected. The worm spread through internal networks, disrupting operations and requiring significant cleanup efforts.

An FTC audit uncovered "dark patterns" in global websites designed to manipulate users into making unintended decisions. These practices often involve deceptive UI/UX designs.

Huione Guarantee has been exposed as a major marketplace for cybercrime, facilitating transactions worth $1.1 billion. The site offers services including hacking, fraud, and data theft.

Attackers have been exploiting a Microsoft zero-day vulnerability for 18 months. The prolonged period of exploitation highlights the importance of rapid patch deployment and threat intelligence.

CISA and the FBI have released an alert to help eliminate OS command injection vulnerabilities. The advisory includes best practices for secure software design and development.

CISA has issued seven new advisories addressing vulnerabilities in industrial control systems. These updates are crucial for protecting critical infrastructure from cyber threats.

CISA has added three known exploited vulnerabilities to its catalog. Organizations are encouraged to prioritize these vulnerabilities in their patching efforts to prevent exploitation.

CISA released an advisory detailing red team activities during an assessment of a U.S. Federal Civilian Executive Branch organization. The report provides insights into common vulnerabilities and recommendations for improvement.

CISA has published 21 advisories for industrial control systems, addressing various security vulnerabilities. These advisories are part of ongoing efforts to secure critical infrastructure.

Future Outlook

The increasing complexity and frequency of cyber threats require constant vigilance and proactive measures. Regular updates, employee training, and robust security practices are essential to mitigate risks. As the cybersecurity landscape evolves, staying informed and prepared is more important than ever.
