Weekly security digest

Policies

Steps to Remove Your Personal Info From Google Search Results

If personal information like your home address or phone number appears in Google searches, you can take steps to have it removed. Google now allows more people to submit removal requests for such data. Although removing results from Google Search won’t eliminate the web pages entirely, it will reduce visibility. To start, visit Google’s support page, select the type of personal information exposed, provide URLs and screenshots, and submit your request. Google will confirm receipt and update you on their decision. For further privacy measures, check out services like DeleteMe.

Source

Europol Launches Operation Endgame Against Malware Droppers

Europol, in collaboration with US and UK law enforcement, initiated Operation Endgame targeting malware droppers like IcedID and Trickbot. The operation led to arrests, searches, and seizures of servers and domains, disrupting cybercriminal activities linked to ransomware deployment and cyber crimes.

Source

Advisory

CISA Urges Federal Agencies to Patch Actively Exploited Linux Kernel Vulnerability

CISA has added the Linux kernel flaw CVE-2024-1086, a high-severity use-after-free bug in the netfilter component, to its Known Exploited Vulnerabilities catalog. This flaw, allowing local privilege escalation, is actively exploited. Agencies are advised to apply updates by June 20, 2024, to mitigate potential threats.

Source

Microsoft Warns of Increased Cyber Attacks on Internet-Exposed OT Devices

Microsoft reports a surge in cyber attacks on operational technology (OT) devices exposed to the internet, highlighting weak security measures. Attacks can manipulate industrial processes, leading to system malfunctions. Organizations are urged to enhance OT security, disconnect vulnerable systems from the internet, and adopt zero trust practices.

Source

Check Point Urges Immediate Patching for Exploited VPN Vulnerability

Check Point has warned customers about a zero-day vulnerability (CVE-2024-24919) actively exploited in its VPN software, impacting CloudGuard Network, Quantum Maestro, and others. The flaw allows attackers to exploit old local VPN accounts, potentially gaining access to sensitive information and moving laterally with domain admin privileges. Users are advised to update and strengthen VPN security.

Source

Vulnerabilities

Okta Alerts Customers to Credential Stuffing Attacks on Identity Cloud Services

Okta has warned of credential stuffing attacks exploiting a cross-origin authentication feature in its Customer Identity Cloud. The attacks, noted since April 15, 2024, involve adversaries using stolen credentials from past breaches. Okta recommends reviewing tenant logs, rotating credentials, and enabling stronger authentication methods.

Source

Active Exploitation of WordPress Plugin Vulnerabilities Leads to Rogue Admin Accounts

Researchers have identified active exploitation of high-severity vulnerabilities in several WordPress plugins, including WP Meta SEO and LiteSpeed Cache. Attackers use these flaws to inject malicious scripts, create rogue admin accounts, and insert backdoors. Site owners are urged to update plugins and check for signs of compromise.

Source

Breaches

Ticketmaster Data Breach Exposes 500 Million Users

Live Nation’s subsidiary Ticketmaster suffered a data breach, discovered on May 20, with a potential impact on millions of customers. The breach, claimed by the hacking group ShinyHunters, involves a 1.3TB database containing names, addresses, phone numbers, and credit card details of 560 million users. Ticketmaster users are advised to monitor accounts, be cautious of phishing attempts, and change passwords.

Source

Cybercriminals Steal Data of Over 25,000 BBC Pension Scheme Members

Cybercriminals breached the BBC Pension Scheme database, stealing personal information of over 25,000 current and former employees. Although no financial data was compromised, affected individuals have been offered two years of credit monitoring. The BBC has secured the database and is investigating the breach, which follows another major data theft incident last year involving the MOVEit MFT vulnerability.

Source

Attacks

Mysterious Cyber Attack: 600,000+ Routers Offline

In October 2023, a cyber attack codenamed Pumpkin Eclipse took down over 600,000 SOHO routers in the U.S., rendering them permanently inoperable. Lumen Technologies’ Black Lotus Labs attributed the attack to the Chalubo RAT, affecting an ISP, possibly Windstream, in an unprecedented event with motives still unclear.

Source

Microsoft Attributes Rising Cyber Threats to North Korean Group ‘Moonstone Sleet’

Microsoft has identified a new cybercrime group named “Moonstone Sleet,” linked to North Korea, engaging in phishing attacks under the guise of fake job opportunities. The group deploys trojanized versions of PuTTY and SumatraPDF via platforms like LinkedIn and Telegram, along with a new ransomware strain called FakePenny. Moonstone Sleet’s tactics include infiltrating organizations, stealing credentials, and demanding large ransom payments, indicating a shift toward more sophisticated cyber operations by North Korea.

Source

Cybercriminals Exploit Stack Overflow to Spread Malicious Python Package for Cryptocurrency Theft

Cybercriminals have leveraged Stack Overflow to promote a malicious Python package, “pytoileur,” facilitating cryptocurrency theft. Discovered by Sonatype, the package executes malicious code to retrieve and run a Windows binary, installing spyware and stealer malware. Stack Overflow has suspended the account involved in this campaign.

Source

U.S. Dismantles Massive 911 S5 Botnet with 19 Million Infected Devices, Arrests Key Administrator

The U.S. Department of Justice dismantled the 911 S5 botnet, which spanned 19 million infected devices globally and was used for various cybercrimes. Chinese national YunHe Wang, arrested in Singapore, managed the botnet and profited $99 million from selling access. The coordinated takedown involved multiple countries and resulted in significant asset seizures.

Source

Fraudsters Steal $37 Million from Coinbase Pro Users via Phishing and Social Engineering

Using a fake Coinbase Pro website and phone-based social engineering, fraudsters stole over $37 million from Coinbase Pro users. Chirag Tomar, involved in the scheme, was arrested in December 2023 and faces up to 20 years in prison. The scam involved tricking users into revealing login details and transferring funds to fraudulent wallets.

Source

NPM Package Concealing RAT Uncovered

Security researchers have discovered a suspicious npm package named glup-debugger-log, targeting users of the gulp toolkit. The package, downloaded 175 times, contains obfuscated files that facilitate the deployment of a remote access trojan (RAT), demonstrating evolving techniques in open-source malware development.

Source

Surveys

70% of CISOs Fear Material Cyber Attack Risk in 2024

A recent survey of 1,600 Chief Information Security Officers (CISOs) reveals that 70% are worried about their organization being hit by a significant cyber attack within the next year, up from 68% in 2023 and 48% in 2022. Conducted by Proofpoint, the survey shows high concern among CISOs in South Korea, Canada, and the US. Key threats include ransomware, malware, and email fraud. Despite increased cybersecurity representation at the board level, many CISOs face burnout and fear personal liability for breaches. Over half report their organizations are unprepared for such attacks.

Source

Best Buy and Geek Squad Top List of Most Impersonated Companies in 2023

The Federal Trade Commission (FTC) has released data on the most impersonated companies in 2023, with Best Buy and its repair arm Geek Squad leading the pack, followed by Amazon and PayPal. Although Best Buy, Amazon, and PayPal had high numbers of impersonation reports, Microsoft impersonators were the most successful, netting $60 million in ill-gotten gains. Phone and email remain common scam vectors, with social media gaining prominence. The FTC advises caution regarding payment methods, emphasizing skepticism toward requests for cryptocurrency or gift cards and encouraging verification of the recipient’s identity.

Source

This is a new initiative, and we would like to hear your feedback on how useful it is for you, in the hope that we can tune it to address your needs.

