Weekly Cyber Security
News Events & Information
From sources found online in the past seven days
Hello all,
This week has been rather uncommon in how quiet it has been with the low level of major issues and announcements, unless you count Microsoft experiencing a successful Distributed Denial of Service (DDoS) attack that severely impacted their operations for about a day. Of course there was plenty of other news regarding vulnerabilities, issues, and threats, and a plethora of interesting and surprising announcements. So, let’s move on to the details.
The volume of news and other items can appear overwhelming. The best strategy is to read the Notable Callouts below, then skim the full list of linked news item titles that follow for things that pertain to you or your environment or simply interest you, and then select them for more information. So, let’s get to it. And don’t forget, our site, https://red-n-security.com, also has searchable archives of past newsletters.
Notable Callouts:
- Google has updated Chrome to address critical security issues. Three of the fixes were security related, and one was related to a browser crash. Updates are usually automatic and eventually apply, but you can always trigger one immediately by going to Chrome’s help and then the about screen.
- Microsoft had a rather bad day this past week on July 30 when their automated processes failed to mitigate a successful Distributed Denial of Service (DDoS) attack. The result was that major portions of the Microsoft infrastructure were either unavailable or responded very poorly. It took approximately 8 hours for things to return to normal operations.
- Microsoft Edge received three security updates this past week, which is unsurprising since it is a Chromium based browser. So, when Google updates Chrome, all Chromium based browsers should follow suit shortly afterward. The same manual update process as for Chrome applies to Edge.
- Secure Boot has been found to be compromised on hundreds of PCs from many of the major vendors. Encryption keys were found publicly available. This is an emerging story, but the bottom line is that manufacturers will need to release updates to fix this major blunder that left the keys to the kingdom out in the open on the internet.
- Multiple SMTP Servers Vulnerable to Spoofing Attacks. Simple Mail Transfer Protocol has been a backbone of email transmission. Servers that send and receive email rely on verification and security standards such as Sender Policy Framework (SPF), Domain-based Message Authentication, Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM). Researchers have found a way to spoof identities in email headers to circumvent the protections offered by the sender verification systems described above. Successful abuse means that emails can be sent that misrepresent where they came from, with very little to let you know they are not legitimate. Major email vendors will need to implement new safeguards and mitigations to fight this novel vector.
In Ransomware, Malware, and Vulnerabilities News:
- UK crimebusters shut down global call-spoofing outfit. It is always nice to read a story of success by the good guys. There are plenty out there, but alarming headlines get most of the attention.
- Average Data Breach Cost Jumps to $4.88 million. Wow. If nothing convinces you to ensure that your data is well protected, that number alone should!
- OneBlood’s virtual machines encrypted by an inhuman dirtbag or group of dirtbags. They encrypted a non-profit blood bank service! This event has triggered alerts to hospitals that there will be shortages of blood for life-saving procedures. These heartless individuals are truly evil.
In Other News Events of Note and Interest:
- Entrust’s TLS certificates just got the ban-hammer from Firefox after already having gotten it from Google Chrome. If you have an Entrust certificate, it is time to get one someplace else, ASAP.
- Argentina will use AI to ‘predict future crimes’. I’ve seen this TV series. It was named Person of Interest. Let’s just say that the AI didn’t stay in the box. Argentina may regret this move, just sayin’.
In Cyber Insurance News:
- CrowdStrike incident underlines the importance of cyber insurance. If you were affected, either directly or indirectly, and if you have cyber insurance, you’ve likely invoked your disruption of business provision in an attempt to recover some of the revenue lost to the global BSOD. If you were affected and don’t have cyber insurance, now might be a good time to look into it, because this will not be the last time something like this happens in our ever increasingly interconnected world.
The internet is like St. Cecilia’s annual carnival. It is an amazing wonder of exotic foods, entertaining personalities, animals, and oddities, incredible inventive rides, games, and amusing activities. And just like that pop-up carnival, consumer beware. Is that food truly safe? Did they get all of the bolts into the rollercoaster? Are the beams all solid or is there a hairline crack just waiting for you to be on the ride? Be careful where you go, what you consume, and what you choose to engage in. While it may appear safe and sound, caution is warranted.
Keep the shields up. They really are out to get you.
Viscount Jan Broucinek
Red-N Weekly Cyber Security News
Headline NEWS
- Google Releases Critical Security Update for Chrome
- DDoS Attack Leads to Microsoft Azure Global Outage
- Edge 127 gets three security updates and organizational branding customization feature
- Secure Boot useless on hundreds of PCs from major vendors after key leak
- Multiple SMTP Servers Vulnerable to Spoofing Attacks
Ransomware, Malware, and Vulnerabilities News
- UK crimebusters shut down global call-spoofing outfit that claimed 170K-plus victims
- Threat actor impersonates Google via fake ad for Authenticator
- Cyber ransom payments will need to be disclosed by businesses under new laws
- Average data breach cost jumps to $4.88 million, collateral damage increased
- Cybersecurity expert: The worst thing to do after a data breach
- OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover
- Over 20,000 Ubiquiti Cameras and Routers Vulnerable to Amplification Attacks, Privacy Risks
- Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware
- Bitdefender Vulnerability Let Attackers Trigger SSRF Attacks
- The Power and Peril of RMM Tools
- New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication
- Bio-hacking is the next big threat in cybersecurity, and we are not ready
- Fake AI editor ads on Facebook push password-stealing malware
- Hackers breach ISP to poison software updates with malware
- Report finds macOS fares worse than Windows and Linux at preventing cyber attacks
- Telecoms are prime targets for cyberattacks in 2024, report
- North Korean cyberspies trick developers into installing malware with fake job interviews
- APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure
- APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack
- Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails
- Cyber attacks on shipping rise amid geopolitical tensions
- New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries
- Microsoft Edge Vulnerability Let Attackers Execute Arbitrary Code
- Half of businesses report an increase in state-sponsored cyber threats amid rising geopolitical tension
- U.S. releases Russian hackers in Evan Gershkovich prisoner swap
- AI fuelling more sophisticated phishing attempts, cyberattacks
- Hackers Use Microsoft Forms for Two-Step Phishing Attacks
- Fiber optic networks ‘sabotaged’ in parts of France
- Intruders at HealthEquity rifled through storage, stole 4.3M people’s data
- $2,393,288 Drained From Customers’ Bank Accounts As Insider Falsifies Records, Transfers Funds to Herself and Family
- Some companies pay ransomware attackers multiple times, survey finds
- Millions more victims exposed in debt collection agency data breach
- Criminal Hackers Add GenAI Credentials to Underground Markets
- Aerospace, defense company working to ‘restore normal operations’ after cyber breach
- South Korea’s top HUMINT agency probes potentially catastrophic data breach
- Dark Angels ransomware receives record-breaking $75 million ransom
- Ransomware and email attacks are hitting businesses more than ever before
- Leaked ransomware variants give rise to new cybercrime groups
- Rhysida ransomware group claims Ohio attack, selling 6 terabytes of data
- Black Basta ransomware switches to more evasive custom malware
- New Jersey City University hacked by ransomware group demanding $700K
- Russian ransomware gangs account for 69% of all ransom proceeds
- Five months after takedown, LockBit is a shadow of its former self
- OneBlood’s virtual machines encrypted in ransomware attack
- Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks
- Homeland Security Investigations sees 300% increase in foreign victims of sextortion
- New Specula tool uses Outlook for remote code execution in Windows
- Hackers can watch your screen via HDMI radiation
- UK govt links 2021 Electoral Commission breach to Exchange server
Other News Events of Note and Interest
- Cool Tool: HTTP Downloader
- Cool Tool: Trippy combines the functionality of traceroute and ping
- One of the best utilities on Windows just got another update
- A 20-Year-Old Rom Site Is Shutting Down and Moving to the Internet Archive
- DigiCert to Revoke Thousands of Certificates Following DNS Validation Error
- Meraki Authentication Server Certificate Rotation
- Firefox’s Mozilla follows Google in losing trust in Entrust’s TLS certificates
- Google scraps plans to kill third-party cookies in Chrome
- Google Chrome warns uBlock Origin may soon be disabled
- Twilio kills off Authy for desktop, forcibly logs out all users
- Indonesia bans DuckDuckGo – free VPN apps are the next target
- Get ready for more Java licensing changes
- How Infostealers Pillaged the World’s Passwords
- America’s Cyber Security Agency Picks Its First Head of AI
- AI Hackathon hopes to encourage kids to go into the tech field
- Argentina will use AI to ‘predict future crimes’ but experts worry for citizens’ rights
- Top 7 generative AI use cases for business
- Microsoft says CrowdStrike outage affected many more devices than reported
- SentinelOne CEO On CrowdStrike Outage: ‘Not Just An Honest Mistake’
- Delta Airlines to ‘rethink Microsoft’ in wake of CrowdStrike outage
- Cloudflare Introduces Advanced Load Balancing to Eliminate Hardware Dependency
- Cloudflare once again comes under pressure for enabling abusive sites
- Intel’s CPU instability and crashing issues also impact mainstream 65W and higher ‘non-K’ models — damage is irreversible, no planned recall
- Intel announces two extra years of warranty amid chip crashing and instability issues
- Xen hypervisor quadruples its possible core count for version 4.19
- AMD’s free new software could boost frame rates in thousands of games
- NVIDIA Accelerates Humanoid Robotics Development
- VPNs don’t work with Snapdragon laptops – here’s why
- Your Microsoft 365 subscription now comes with a free VPN on PC and phone
- Microsoft 365 and Azure outage takes down multiple services
- Microsoft finds a new way to irritate Windows 11 users – a backup pop-up
- The New Outlook for Windows Reaches General Availability
- Microsoft is wrong: The new Outlook for Windows is not ready for prime time
- Microsoft says black borders in Windows 11 File Explorer is a feature, not a bug
- Microsoft Reveals More Details About Windows CrowdStrike Crash
- Microsoft Apologizes to Users for Widespread Outage Disrupting Xbox, Outlook, and Minecraft
- Microsoft 365 Backup and Backup Storage is now generally available for businesses
- Microsoft quietly installing KB5001716 Windows 11/10 update for the good of your PC
- KB5040527: Windows 11 gets Start menu drag drop and pin apps, File Explorer Tab duplication
- KB5040529: Microsoft quietly releases optional Windows 11 24H2 update for manual download
- WinGet 1.8 allows users to download Microsoft Store apps for offline distribution
- 20 features in Windows 11 that you’re not using (and you definitely should)