Friday Wrap Up: 12 July 2024
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
π¨ A remote code execution bug in Ghostscript is being actively exploited on Linux systems. Stay alert! (Published on 7/8/2024, BleepingComputer). Read More
π» Emerging RaaS operation ‘Eldorado’ targets both Windows and Linux systems with encryption locker variants. (Published on 7/8/2024, The Hacker News). Read More
π The ‘CloudSorcerer’ APT leverages cloud services in a sophisticated cyber-espionage campaign. (Published on 7/8/2024, Dark Reading). Read More
π 10 billion passwords have surfaced on the dark web in the ‘RockYou2024’ dump. (Published on 7/8/2024, Dark Reading). Read More
π¨ New Blast-RADIUS attack bypasses RADIUS authentication, allowing MD5 collision attacks and network breaches. (Published on 7/9/2024, BleepingComputer). Read More
π Chinese APT40 hackers hijack SOHO routers for cyber-espionage, reveals CISA advisory. (Published on 7/9/2024, BleepingComputer). Read More
β οΈ Hackers exploit WordPress calendar plugin vulnerability affecting 150,000 sites to execute code remotely. (Published on 7/9/2024, BleepingComputer). Read More
π©Ί Electronic health record errors pose serious patient safety risks, highlighting technology’s unintended consequences. (Published on 7/9/2024, InformationWeek). Read More
πΎ Ransomware gang leaks 100GB of data allegedly stolen from Florida Department of Health. (Published on 7/9/2024, SecurityWeek). Read More
π¨ A fake article about Volodymyr Zelenskyβs wife buying a Bugatti with US aid was promoted by bots. (Published on 7/10/2024, Wired). Read More
π» ViperSoftX malware uses CLR to run PowerShell commands within AutoIt scripts, evading detection. (Published on 7/10/2024, BleepingComputer). Read More
π‘οΈ EstateRansomware exploits a now-patched flaw in Veeam Backup & Replication software. (Published on 7/10/2024, The Hacker News). Read More
π Snowflake enhances MFA policies in response to over 100 breaches exploiting unprotected accounts. (Published on 7/10/2024, InformationWeek). Read More
π οΈ Threat actors leveraged a Microsoft zero-day exploit for 18 months in concurrent campaigns. (Published on 7/10/2024, Dark Reading). Read More
π¨ Shady company relaunches popular old tech blogs, stealing writersβ identities. This threatens both writers’ work and the web. (Published on 7/11/2024, Ars Technica). Read More
β οΈ Exim vulnerability affecting 1.5M servers lets attackers attach malicious files. Active targeting likely. (Published on 7/11/2024, Ars Technica). Read More
π OpenAI’s 2023 breach raises questions about AI industry transparency. How could this breach fuel the conversation? (Published on 7/11/2024, InformationWeek). Read More
π¨ 60 new malicious packages uncovered in NuGet supply chain attack. Threat actors add new layers of stealth to evade detection. (Published on 7/11/2024, The Hacker News). Read More
π Massive AT&T data breach exposes call logs of 109 million customers. Stay vigilant! (Published on 7/12/2024, BleepingComputer). Read More
β οΈ DNS hijacks target crypto platforms registered with Squarespace, redirecting visitors to phishing sites. (Published on 7/12/2024, BleepingComputer). Read More
π In other news: Appleβs spyware warning, CDK Global ransom payment, Sibanye cyberattack. (Published on 7/12/2024, SecurityWeek). Read More
π¨ DarkGate malware exploits Samba file shares in a short-lived campaign. (Published on 7/12/2024, The Hacker News). Read More
and finally in non-cyber or tech news…
π Fast-moving stars imply an intermediate-mass black hole in a nearby star cluster. (Published on 7/10/2024, Ars Technica). Read More
π Takata airbags and problematic sensors lead to massive recalls at Alfa Romeo, BMW, Fiat, and Jeep. (Published on 7/10/2024, Ars Technica). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!
Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.