Friday, November 22nd, 2024
Cybersecurity Week in Review (22/11/24)
Ford investigates alleged breach following customer data leak
Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum.
The leak was announced on Sunday by threat actor ‘EnergyWeaponUser,’ also implicating the hacker ‘IntelBroker,’ who supposedly took part in the November 2024 breach.
Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign
U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information.
Source: https://thehackernews.com/2024/11/chinese-hackers-exploit-t-mobile-and.html
Apple Confirms Zero-Day Attacks Hitting macOS Systems
Apple has rushed out major macOS and iOS security updates to cover a pair of vulnerabilities already being exploited in the wild.
The vulnerabilities, credited to Google’s TAG (Threat Analysis Group), are being actively exploited on Intel-based macOS systems, Apple confirmed in an advisory released on Tuesday.
Source: https://www.securityweek.com/apple-confirms-zero-day-attacks-hitting-intel-based-macs/
US space tech giant Maxar discloses employee data breach
Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company says in a notification to impacted individuals.
The threat actor compromised the company network about a week before the discovery of the intrusion.
NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta’s Lawsuit
Legal documents released as part of an ongoing legal tussle between Meta’s WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app to deliver Pegasus, including one even after it was sued by Meta for doing so.
Source: https://thehackernews.com/2024/11/nso-group-exploited-whatsapp-to-install.html
Spotify abused to promote pirated software and game cheats
Spotify playlists and podcasts are being abused to push pirated software, game cheat codes, spam links, and “warez” sites.
By injecting targeted keywords and links in playlist names and podcast descriptions, threat actors may benefit from boosting SEO for their dubious online properties, since Spotify’s web player results appear in search engines like Google.
Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation
Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild.
The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited without authentication to leak sensitive information.
Source: https://cybersecuritynews.com/oracle-agile-plm-zero-day-vulnerability/
CISA tags Progress Kemp LoadMaster flaw as exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting Progress Kemp LoadMaster.
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named ‘DeepData’ to exploit a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client and steal credentials.
The zero-day allows the threat actors to dump the credentials from memory after the user has authenticated with the VPN device.
Phishing emails increasingly use SVG attachments to evade detection
Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection.