Weekly Cyber Security
News Events & Information
From sources found online in the past seven days
Hello all,
Patch Tuesday was about as expected with Microsoft releasing their set of updates and fixes. What is interesting is that an increasing number of other vendors appear to be adopting the same cadence. Time will tell if this is a new industry-wide direction, or mere coincidence. Google’s Pixel phones being under active attack and needing immediate patching, and Intel still not having a fix for their crashing i9 chips, are just some of the items linked this week.
The volume of news and other items can appear overwhelming. The best strategy is to read the Notable Callouts below, then skim the full list of linked news item titles that follow for things that pertain to you or your environment or simply interest you, and then select them for more information. So, let’s get to it. And don’t forget, our site, https://red-n-security.com, also has searchable archives of past newsletters.
Notable Callouts:
- Chrome and Firefox both patched some high-severity vulnerabilities this week. Time to update and restart your browsers.
- Fortinet has released patches to fix multiple buffer overflows in the command line interpreter of FortiOS. It is rather severe, so patch immediately.
- Siemens, Schneider, Rockwell and more have advisories out for Industrial Control System and Internet of Things items. Check your products and follow your vendors’ guidance.
- Mandiant has been investigating hacks of Snowflake customers and has identified around 165 customers, out of their 9,800, that may have had data stolen. Snowflake says that it wasn’t their systems that were breached; rather, credential attacks on accounts without MFA have been the cause. QuoteWizard just made the news as yet another victim. For heaven’s sake, people. If a service supports it, turn on MFA. Now.
- Microsoft Patch Tuesday was a typical release, if not a little light even with 51 fixes. There were a few in this cycle that do need prioritizing. The first is an Outlook zero-click Remote Code Execution (RCE) bug that should be patched ASAP. And Windows Server has a critical RCE bug that could allow takeover of a server if not fixed. Vet the various fixes and updates quickly since threat actors are reducing their time to exploitation with each passing month. And as mentioned, a good number of other vendors also pushed out updates this past Tuesday, so check your products.
In Ransomware, Malware, and Vulnerabilities News:
- Forced-Labor Camps are fueling billions of dollars in cyber scams. Unsuspecting people are lured to Cambodia, Laos, and Myanmar from places such as China, India, the Philippines, and other countries in the region. They then find themselves forced to toil extreme hours in what are essentially prison camps, working at defrauding unsuspecting cyber victims worldwide. Absolutely tragic!
- AI-enabled Attacks are increasing according to Palo Alto Networks. Speaking on how AI has helped business, they added, “…adversaries are also exploiting the power of AI to accelerate, scale, and innovate their attacks.”
In Other News Events of Note and Interest:
- New FCC mandated labels for internet providers should start appearing this month. They look just like nutritional labels on food products. This should be fun.
In Cyber Insurance News:
- AI and LLMs are revolutionizing cyber insurance. Cyber insurers are looking to AI to reduce the time and costs of risk assessments and to reduce processing times, among other improvements.
I am sitting aboard a brand-new cruise ship, the Sun Princess, while docked in Greece. I’m typing this, using my phone’s hotspot via my data plan even though the ship has Wi-Fi available. Why? you might ask. Because the ship’s MedallionNet Wi-Fi is being reported by my phone as being insecure. What’s worse is that the onboard notes say that using a VPN will not work. Thankfully, I came prepared with pre-purchased international roaming. It is vital for you to always be vigilant, even when on family vacation, or holiday as they call it on the left side of the pond.
Viscount Jan Broucinek
Red-N Weekly Cyber Security News
Always keep the shields up. They really are out to get you.
Headline NEWS
- Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities
- Fortinet has released patches for multiple buffer overflows
- ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA
- Mandiant says hackers stole a ‘significant volume of data’ from Snowflake customers
- Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs
- Microsoft Outlook Zero-Click RCE Flaw Executes as Email is Opened
- Critical RCE Bug Opens Microsoft Servers to Takeover
- QuoteWizard, another Snowflake customer, confirms breach
Ransomware, Malware, and Vulnerabilities News
- Forced-Labor Camps Fuel Billions of Dollars in Cyber Scams
- Update now! Google Pixel vulnerability is under active exploitation
- CISA warns of criminals impersonating its employees in phone calls
- Nvidia Patches High-Severity GPU Driver Vulnerabilities
- Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
- Phishing emails abuse Windows search protocol to push malicious scripts
- New Phishing Campaign Exploits Cloudflare Workers and HTML Smuggling to Steal User Credentials
- APT Hackers Using Google & OneDrive To Host Malicious Scripts
- Palo Alto Networks observes increase in AI-enabled attacks
- GPT-4 autonomously hacks zero-day security flaws with 53% success rate
- Netgear WNR614 flaws allow device takeover, no fix available
- Chinese hackers breached 20,000 FortiGate systems worldwide
- Life360 confirms a hacker stole Tile tracker IDs and customer info
- Our employees fell for an email cyberattack
- BlackBerry Cylance Data Offered for Sale on Dark Web
- Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale
- Updated Agent Tesla variant deployed in new phishing campaign
- ‘Cyber incident’ shuts down Cleveland City Hall
- Vietnam’s state postal service claims to restore its systems after cyberattack
- Ukrainian police identify suspected affiliate of Conti, LockBit groups
- London Hospitals Seek Biologics Backup After Ransomware Hit
- Toronto District School Board hit by a ransomware attack
- Kulicke and Soffa admit data breach from LockBit attack
- Black Basta ransomware gang linked to Windows zero-day attacks
- Ransomware – The great data escape: the rise of exfiltration
- Ransomware Is ‘More Brutal’ Than Ever in 2024
- Christie’s Says Ransomware Attack Impacts 45,000 People
- ZKTeco Biometric System Found Vulnerable to 24 Critical Security Flaws
- Exploit for critical Veeam auth bypass available, patch now
- Prevalence and Impact of Password Exposure Vulnerabilities in ICS/OT
- PoC Exploit Emerges for Critical RCE Bug in Ivanti Endpoint Manager
- VLC Media Player Vulnerabilities Allow Remote Code Execution
- Aldi warns customers of data breach involving skimming devices; 2 NJ stores affected
- 22 Chinese nationals sentenced to long prison terms in Zambia for multinational cybercrimes
Other News Events of Note and Interest
- Google Authenticator: How to get backup codes
- Oracle Java police start knocking on Fortune 200’s doors for first time
- Amazon Corretto is a no-cost, multiplatform, production-ready distribution of the Open Java Development Kit (OpenJDK)
- Intel says it still doesn’t have the true fix for its crashing i9 desktop chips
- Retired engineer discovers 55-year-old bug in Lunar Lander computer game code
- VMware and Dell back together with fresh OEM agreement
- StorMagic debuts HCI, hypervisor as VMware alternative
- Sonos draws more customer anger — this time for its privacy policy
- New FCC mandated labels for cable, internet providers to start appearing
- Mastering the tabletop: 3 cyberattack scenarios to prime your response
- HP bricks ProBook laptops with bad BIOS delivered via automatic updates
- Microsoft in damage-control mode, says it will prioritize security over AI
- Microsoft deprecates Windows DirectAccess, recommends Always On VPN
- Microsoft’s new Outlook security changes impact third-party apps and Gmail integration
- Microsoft confirms Windows 11 install issues on virtual machines in the latest updates
- KB5039213: Microsoft finally fixes Windows 11 “65000” BitLocker bug
- Windows 11 Patch Tuesday (KB5039212 / KB5039213) updates for June 2024
- Microsoft to force-update to Windows 10 22H2 as 21H2 support reaches end of life
- Microsoft postpones Windows Recall after major backlash — will launch Copilot+ PCs without headlining AI feature