Friday, September 6th, 2024
Cybersecurity Week in Review (06/09/24)
Transport for London discloses ongoing “cyber security incident”
Transport for London (TfL), the city’s transport authority, is investigating an ongoing cyberattack that has yet to impact its services. The agency says that, for the moment, there is no evidence that customer information was compromised during the incident.
Google Chrome Update Fixes Flaw Exploited in the Wild
New security fixes are being rolled out to address a high-severity vulnerability found in Google’s Chrome browser.
The flaw, tracked as CVE-2024-7971, is a type confusion bug located in the V8 JavaScript and WebAssembly engine. Google reported that an exploit for the vulnerability exists in the wild.
Halliburton says hackers removed data in August cyberattack
U.S. oilfield services firm Halliburton, said on Tuesday an unauthorized third party had accessed and removed data from its systems, providing details regarding the cyberattack in August.
Ireland’s cybersecurity body to get power to scan the networks of State institutions
The State’s cybersecurity body is to have the power to actively scan networks of State bodies and critical online bodies in a bid to prevent and detect malicious attacks by criminal gangs and hostile states.
Source: https://www.irishexaminer.com/news/arid-41466649.html
New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access
Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system’s permissions-based model, which revolves around the Transparency, Consent, and Control (TCC) framework.
Source: https://thehackernews.com/2024/09/new-flaws-in-microsoft-macos-apps-could.html
FBI warns crypto firms of aggressive social engineering attacks
The FBI warned today of North Korean hacking groups aggressively targeting cryptocurrency companies and their employees in sophisticated social engineering attacks to deploy malware designed to steal their crypto assets.
GitHub comments abused to push password stealing malware masked as fixes
GitHub is being abused to distribute the Lumma Stealer information-stealing malware as fake fixes posted in project comments.
The campaign was first reported by a contributor to the teloxide rust library, who noted on Reddit that they received five different comments in their GitHub issues that pretended to be fixes but were instead pushing malware.
Business services giant CBIZ discloses customer data breach
CBIZ Benefits & Insurance Services (CBIZ) has disclosed a data breach that involves unauthorized access of client information stored in specific databases.
The company informs that a threat actor exploited a vulnerability in one of its web pages and was able to steal customer data between June 2 and June 21.
Linux version of new Cicada ransomware targets VMware ESXi servers
A new ransomware-as-a-service (RaaS) operation is impersonating the legitimate Cicada 3301 organization and has already listed 19 victims on its extortion portal, as it quickly attacked companies worldwide.
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign.
Source: https://thehackernews.com/2024/09/hackers-use-fake-globalprotect-vpn.html
Contact Us
The data you supply here will not be added to any mailing list or given to any third party providers without further consent. View our Privacy Policy for more information.