Friday Wrap Up: 9 August 2024
It’s been a busy week in cybersecurity and time for a Friday Wrap Up. Here are some of the interesting stories from this past week.
๐จ The Hunters International ransomware group is using the new SharpRhino malware to target IT workers and breach corporate networks. (Published on 8/5/2024, BleepingComputer). Read More
๐ One in five enterprise IT admins report state-sponsored attacks aiming to infiltrate their supply chains. (Published on 8/5/2024, Malware Analysis). Read More
๐ก๏ธ AWS’s new ‘Mithra’ neural network is enhancing the prediction and blocking of malicious domains with impressive speed. (Published on 8/5/2024, SecurityWeek). Read More
โ ๏ธ Chinese cyberattack exploiting a 2018 Microsoft vulnerability prompts a new alert from CISA. (Published on 8/5/2024, Computer Weekly). Read More
๐ฑ Google patches a critical Android kernel zero-day exploited in targeted attacks, part of 46 vulnerabilities addressed this month. (Published on 8/5/2024, BleepingComputer). Read More
๐ฏ Hunters International ransomware group is using the SharpRhino RAT to target IT workers, irrespective of the sector. (Published on 8/6/2024, Malware Analysis). Read More
๐ Attackers employ multiple techniques to bypass reputation-based security, like Windows Smart App Control, allowing access without alerts. (Published on 8/6/2024, Dark Reading). Read More
๐ A hacker breached Mobile Guardian, wiping data from 13,000 student devices worldwide. (Published on 8/6/2024, BleepingComputer). Read More
๐ก New Android spyware LianSpy uses Yandex Cloud for command-and-control, evading detection in Russia. (Published on 8/6/2024, The Hacker News). Read More
๐ CrowdStrike’s analysis reveals a sensor expecting one less input field caused the largest global IT disruption in history. (Published on 8/6/2024, InformationWeek). Read More
๐ Censys identified over 40,000 internet-exposed ICS devices in the US, often without a way to notify owners. (Published on 8/7/2024, SecurityWeek). Read More
๐ป Ransomware attacks are increasing in frequency and sophistication, with more data leaks, according to Rapid7โs Ransomware Radar Report 2024. (Published on 8/7/2024, SecurityWeek). Read More
๐ง Roundcube webmail flaws could let hackers execute malicious JavaScript to steal emails and passwords. (Published on 8/7/2024, The Hacker News). Read More
๐ต๏ธ The Chameleon banking trojan resurfaces, disguised as a CRM app, targeting hospitality and B2C workers while evading Android 13 security measures. (Published on 8/7/2024, Dark Reading). Read More
๐ฅ๏ธ A Windows Update downgrade attack discovered by SafeBreach can “unpatch” fully-updated Windows systems, reintroducing old vulnerabilities. (Published on 8/7/2024, BleepingComputer). Read More
๐ Microsoft warns of downgrade attacks that could expose Windows systems to old vulnerabilities, working on updates to mitigate the risks. (Published on 8/8/2024, The Hacker News). Read More
โ ๏ธ An 18-year-old flaw in Firefox and Chrome is being exploited, allowing attackers to bypass security and interact with local networks. (Published on 8/8/2024, BleepingComputer). Read More
๐จ SaaS apps may present an abbreviated kill chain, making it easier for attackers to achieve their objectives, as revealed at Black Hat. (Published on 8/8/2024, Dark Reading). Read More
๐ก๏ธ LibreOffice releases a critical security update to fix a vulnerability allowing macros to execute without warning. Users urged to update. (Published on 8/8/2024, Malware Analysis). Read More
๐ ADT, a major home security company, admits to a hack compromising customer information, including home addresses. (Published on 8/8/2024, Gizmodo). Read More
๐ A $70 hack allowed access to a 512-bit RSA key, giving control over 200 MW of capacity in a home energy system. (Published on 8/9/2024, Ars Technica). Read More
๐ก๏ธ Malware has force-installed malicious Chrome extensions on 300,000+ browsers, hijacking homepages and stealing browsing history. (Published on 8/9/2024, BleepingComputer). Read More
๐ Iranian cyber actors are ramping up efforts to influence the upcoming US election, Microsoft reports. (Published on 8/9/2024, SecurityWeek). Read More
๐ง Microsoft discloses four OpenVPN flaws that could be exploited for remote code execution and privilege escalation. (Published on 8/9/2024, The Hacker News). Read More
and finally in non-cyber or tech news…
๐๏ธ New evidence suggests Egyptians might have used hydraulic lifts to build the Pyramid of Djoser. (Published on 8/5/2024, Ars Technica). Read More
๐ฌ The director of Deadpool & Wolverine reveals a surprising Easter egg referencing the 1987 comedy classic with Steve Martin and John Candy. (Published on 8/5/2024, Gizmodo). Read More
๐ Speculation arises that two Boeing Starliner astronauts stuck on the ISS might need to return on a SpaceX Dragon, potentially staying for six months. (Published on 8/7/2024, Gizmodo). Read More
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!
Disclaimer: The views and opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the official policy or position of any agency of the U.S. government or any other organization. This content is provided for informational purposes only and is not meant to represent the strategies or opinions of any aforementioned entities.