Security News Headlines #82

Security News Headlines for today

Welcome to today's edition of Security News Headlines. Stay informed with the latest updates and critical information on cybersecurity developments.

CISA Adds Three Known Exploited Vulnerabilities to Catalog The Cybersecurity and Infrastructure Security Agency (CISA) has updated its catalog with three new exploited vulnerabilities. Organizations are urged to prioritize the patching of these vulnerabilities to protect their systems from potential threats.

The Aftermath of the WordPress.org Supply Chain Attack: New Malware and Techniques Emerge The recent supply chain attack on WordPress.org has led to the emergence of new malware and attack techniques. Website owners are advised to update their WordPress installations and plugins to mitigate these risks.

Scammer Abuses Microsoft 365 Tenants, Relaying Through Proofpoint Servers to Deliver Phishing Emails Cybercriminals are exploiting Microsoft 365 tenants to relay phishing emails through Proofpoint servers. Users should be vigilant and organizations should enhance their email security measures to prevent such attacks.

Notable Shift Seen in BASTA Ransomware Initial Access The BASTA ransomware group has changed its initial access tactics, focusing on exploiting new vulnerabilities. Security teams need to stay updated on these evolving techniques to better defend against ransomware attacks.

Android Spyware 'Mandrake' Hidden in Apps on Google Play Since 2022 Spyware named 'Mandrake' has been found hiding in apps on Google Play since 2022. Android users should review app permissions and install security updates to protect their devices from spyware.

Patch Now: ServiceNow Critical RCE Bugs Under Active Exploit Critical remote code execution (RCE) vulnerabilities in ServiceNow are being actively exploited. Organizations using ServiceNow should apply the latest patches immediately to avoid potential security breaches.

Escalating Battle: Ransomware Prevention Strategies The fight against ransomware is intensifying with new prevention strategies emerging. Businesses are encouraged to adopt comprehensive cybersecurity measures to fend off ransomware attacks.

QR Code Phishing Is Still on the Rise Phishing attacks utilizing QR codes are increasing. Users should be cautious when scanning QR codes and verify the source before providing any personal information.

Mandrake Apps Return to Google Play Mandrake spyware-laden apps have reappeared on Google Play. Users are advised to only download apps from trusted developers and regularly update their security software.

Stargazer Goblin Creates 3,000 Fake Accounts to Scam Victims A scammer known as 'Stargazer Goblin' has created 3,000 fake accounts to trick victims. Online users should be cautious and verify the authenticity of online profiles before engaging.

Building Security into Redesigned Google Play Google is enhancing the security of Google Play with new measures in its redesigned platform. This initiative aims to better protect users from malicious apps and improve overall security.

Cirrus: Open-Source Google Cloud Forensic Evidence Collection Google has introduced Cirrus, an open-source tool for forensic evidence collection in Google Cloud. This tool helps security professionals streamline the investigation process in cloud environments.

Drop the MIC: CVE-2019-1166 Exploit Detailed A detailed analysis of the CVE-2019-1166 exploit, known as 'Drop the MIC,' reveals its mechanisms and impact. IT administrators should ensure their systems are patched to prevent exploitation.

Digging for SSRF in Next.js Apps Researchers have found server-side request forgery (SSRF) vulnerabilities in Next.js applications. Developers should implement security best practices to mitigate these risks.

SentinelLabs Uncovers New CapraRAT Spyware Targeting Android Users CapraRAT, a new spyware targeting Android users, has been uncovered by SentinelLabs. Users should stay informed about threats and update their devices to protect against spyware.

Merkspy Exploiting CVE-2021-40444 to Infiltrate Systems The Merkspy malware is exploiting the CVE-2021-40444 vulnerability to infiltrate systems. Organizations must apply security patches promptly to defend against this threat.

Crypto Exchange Gemini Discloses Third-Party Data Breach Crypto exchange Gemini has disclosed a data breach involving a third-party vendor. Users should monitor their accounts for unusual activity and change passwords as a precaution.

Future Outlook

The evolving landscape of cybersecurity threats requires constant vigilance and adaptation. Organizations must prioritize regular updates and robust security practices to mitigate risks. Staying informed about the latest vulnerabilities and attack methods is crucial for maintaining strong defenses. As cyber threats grow more sophisticated, proactive measures and user awareness will be key in preventing security breaches.