Security News Headlines #96

Today's cybersecurity highlights reveal several critical vulnerabilities and emerging threats, including new ransomware tactics, significant patches, and growing concerns over identity verification technologies.

The ongoing efforts to enhance security measures across cloud services, software platforms, and identity systems are crucial in countering these sophisticated cyber threats. Additionally, advancements in cryptographic algorithms reflect the industry's push towards post-quantum security.

CISA Adds New Vulnerability to Known Exploited Catalog
CISA has updated its Known Exploited Vulnerabilities Catalog with a newly identified security flaw. This addition highlights the importance of promptly addressing vulnerabilities that are actively exploited by threat actors.

AWS KMS Introduces Support for Elliptic Curve Diffie-Hellman (ECDH)
AWS Key Management Service (KMS) now supports Elliptic Curve Diffie-Hellman (ECDH), enhancing secure key exchange methods for customers. This update provides stronger cryptographic security, particularly for applications requiring efficient and secure encryption.

Technical Analysis of CVE-2024-38021: A New Zero-Day Vulnerability
A deep dive into CVE-2024-38021 reveals a critical zero-day vulnerability that could allow remote code execution. Security researchers emphasize the urgency of addressing this flaw, which poses significant risks to affected systems.

Cyber Insurance Claims Decline as Firms Improve Ransomware Recovery
Companies are increasingly handling ransomware recovery independently, leading to a decline in cyber insurance claims. This trend reflects a shift towards stronger in-house security practices and resilience against cyberattacks.

Exploit Attempts Target Ivanti VTM Bug
Hackers are actively exploiting a vulnerability in Ivanti's Virtual Traffic Manager (VTM). This critical bug, if unpatched, could allow attackers to gain unauthorized access to sensitive network resources.

Ransomware Gang Deploys Malware to Disable Security Software
A ransomware group has developed new malware designed to terminate security software before launching an attack. This tactic enhances the effectiveness of their operations, making it more difficult for victims to defend against ransomware.

Copy2Pwn Exploit Bypasses Windows Web Protections
The Copy2Pwn exploit, identified as CVE-2024-38213, evades Windows web protections, allowing attackers to compromise systems. The exploit poses a significant threat, particularly to systems that rely on default security settings.

Microsoft Entra ID Authentication Bypass Threatens Hybrid Clouds
An unfixed authentication bypass in Microsoft Entra ID exposes hybrid cloud environments to potential attacks. The vulnerability could allow unauthorized access, making it a pressing concern for organizations relying on Entra ID for identity management.

Lazarus Group Exploits Microsoft Zero-Day (CVE-2024-38193)
The notorious Lazarus Group is exploiting a newly discovered Microsoft zero-day vulnerability, CVE-2024-38193. This attack further demonstrates the group's advanced capabilities and ongoing threat to global cybersecurity.

Google's Post-Quantum Cryptography Algorithms Formally Verified
Google has formally verified its post-quantum cryptography algorithms, marking a significant milestone in the development of quantum-resistant security solutions. This advancement is crucial for safeguarding data against future quantum computing threats.

Okta Advocates for Zero Standing Privileges
Okta emphasizes the importance of Zero Standing Privileges (ZSP) to minimize access risks in identity management. By adopting ZSP, organizations can reduce the potential for unauthorized access, even in the event of credential compromise.

NetSuite Vulnerability Puts Thousands of Websites at Risk
A vulnerability in NetSuite could expose thousands of websites to cyberattacks. This flaw, if exploited, could lead to unauthorized access and data breaches, highlighting the need for immediate remediation.

x64dbg: Open-Source Binary Debugger for Windows Gains Popularity
x64dbg, an open-source binary debugger for Windows, is gaining traction among security professionals. The tool's versatility and community-driven development make it a valuable resource for analyzing and debugging software vulnerabilities.

FBI Investigates Cyberattack on Flint as Ransomware Incident
The FBI is investigating a cyberattack on Flint, Michigan, as a ransomware incident. The attack disrupted city services, raising concerns about the vulnerability of local government systems to cyber threats.

DeepMasterPrints Fool Fingerprint Recognition Systems
DeepMasterPrints, a method of creating master fingerprints, has been shown to deceive fingerprint recognition systems. This technique could compromise biometric security, making it easier for attackers to bypass fingerprint-based authentication.

Are Disabled Clickable URLs Enough to Prevent Phishing?
Disabling clickable URLs is a common phishing prevention tactic, but it may not be enough. Experts argue that more comprehensive measures are needed to effectively counter phishing attacks, which continue to evolve in sophistication.

Urgent Patch Needed for SolarWinds Critical RCE Bug
A critical remote code execution (RCE) vulnerability in SolarWinds software requires an urgent patch. The flaw could be exploited by attackers to gain control over affected systems, making it imperative for users to update immediately.

Future Outlook

As cyber threats grow increasingly sophisticated, the adoption of advanced security measures, such as post-quantum cryptography and zero standing privileges, becomes crucial. The persistent exploitation of zero-day vulnerabilities and the rise of new ransomware tactics highlight the need for continuous vigilance and prompt patch management. Organizations must remain proactive in updating their defenses to mitigate the risks posed by evolving cyber threats.
