Friday, August 16th, 2024

Cybersecurity Week in Review (16/08/24)

Carbon supplier Orion loses $60 million in business email compromise scam

About $60 million was stolen from one of the leading suppliers of carbon products after an employee was tricked into making several wire transfers to cybercriminals.

The funds were stolen from Orion, a Luxembourg-based company that produces carbon black, a material used to make tires, ink, batteries, plastics and more.

Source: https://therecord.media/orion-carbon-black-bec-scam-millions

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited

Microsoft warned Tuesday of six actively exploited Windows security defects, highlighting ongoing struggles with zero-day attacks across its flagship operating system.

Redmond’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and raised eyebrows when it marked a half-dozen flaws in the actively exploited category.

Source: https://www.securityweek.com/microsoft-warns-of-six-windows-zero-days-being-actively-exploited/

Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access

Ivanti has rolled out security updates for a critical flaw in Virtual Traffic Manager (vTM) that could be exploited to achieve an authentication bypass and create rogue administrative users. The vulnerability, tracked as CVE-2024-7593, has a CVSS score of 9.8 out of a maximum of 10.0.

While there is no evidence that the flaw has been exploited in the wild, Ivanti acknowledged the public availability of a proof-of-concept (PoC), making it essential that users apply the latest fixes as soon as possible.

Source: https://thehackernews.com/2024/08/critical-flaw-in-ivanti-virtual-traffic.html

Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data

The Azure Health Bot Service is a cloud platform that healthcare organizations can use to create and deploy AI-powered virtual health assistants.

Depending on what they’re used for, some of these chatbots may need to be given access to sensitive patient information to complete their tasks.

Tenable researchers discovered a data connection feature that allows bots to interact with external data sources. The feature enables the service’s backend to make third-party API requests.

Source: https://www.securityweek.com/azure-health-bot-service-vulnerabilities-possibly-exposed-sensitive-data/

Inc Ransomware Encryptor Contains Keys to Victim Data Recovery

The Inc ransomware collective, which just disrupted a major Michigan healthcare network, is using an encryptor that may hold the key to recovering from its worst attacks. The threat group is disrupting healthcare organizations. Victims can help themselves, though, even after compromise, by being careful in the decryption process.

Where once ransomware groups claimed moral high ground, they are increasingly targeting critical healthcare facilities. 

Source: https://www.darkreading.com/cyberattacks-data-breaches/inc-ransomware-encryptor-contains-keys-to-victim-data-recovery

Adobe Calls Attention to Massive Batch of Code Execution Flaws

Adobe on Tuesday released fixes for at least 72 security vulnerabilities across multiple products and warned that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks.

The Patch Tuesday rollout addresses critical security defects in Adobe Acrobat and Reader, Illustrator, Photoshop, InDesign, Adobe Commerce, and Dimension, and the company is warning that the most severe of these vulnerabilities could allow attackers to take complete control of a target machine.

Source: https://www.securityweek.com/adobe-calls-attention-to-massive-batch-of-code-execution-flaws/

China-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and Africa

The China-backed threat actor known as Earth Baku has diversified its targeting footprint beyond the Indo-Pacific region to include Europe, the Middle East, and Africa starting in late 2022.

Newly targeted countries as part of the activity include Italy, Germany, the U.A.E., and Qatar, with suspected attacks also detected in Georgia and Romania. Governments, media and communications, telecoms, technology, healthcare, and education are some of the sectors singled out as part of the intrusion set.

Source: https://thehackernews.com/2024/08/china-backed-earth-baku-expands-cyber.html

Biden administration pledges $11 million to open-source security initiative

The White House and Department of Homeland Security (DHS) are partnering on an $11 million initiative to gain an understanding of how open source software is used across critical infrastructure and to better secure it.

The White House announced the measure on Friday, and at the DEF CON cybersecurity conference over the weekend, National Cyber Director Harry Coker said DHS will fund it under the 2021 Bipartisan Infrastructure Law.

Source: https://therecord.media/open-source-software-security-white-house-dhs-11million-funding

GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks

A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices.

The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU bug embedded in the hardware, as opposed to a side-channel or transient execution attack.

Source: https://thehackernews.com/2024/08/ghostwrite-new-t-head-cpu-bugs-expose.html

In landmark for post-quantum encryption, NIST releases three algorithms

Three encryption tools designed to protect information against a quantum computer were publicly released on Tuesday by the U.S. National Institute of Standards and Technology (NIST) — a milestone for computer science and cryptography.

The new standards are “ready for immediate use,” the Department of Commerce said, and are launched following an eight-year consultation into how to protect the privacy of information against the threat posed by a functioning quantum computer.

Source: https://therecord.media/post-quantum-encryption-nist-releases-algorithms


Smarttech247
