Cybersecurity Digest #92: 19/03/2024 – 02/04/2024

Cybersecurity News

  • Experts have warned of info stealer malware targeting macOS users via malicious ads and rogue websites. One of the attacks relies on sponsored ads shown to users searching for “Arc Browser” on Google.
  • Cisco has notified its customers of password-spraying attacks that have been targeting Remote Access VPN services of Cisco Secure Firewall devices.
  • Security vulnerabilities discovered in Dormakaba’s Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms.
  • Scientists have identified a vulnerability in Virtual Reality headsets that could let hackers access private information without the wearers’ knowledge.
  • Researchers have developed ZenHammer, the first variant of the Rowhammer DRAM attack. It works on CPUs based on recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips.
  • Experts demonstrated a new side-channel attack, named GoFetch, against Apple CPUs. The attack could allow an attacker to obtain secret keys.
  • Microsoft has released emergency out-of-band updates to fix a known issue causing Windows domain controllers to crash.

Cybersecurity Blog Posts

  • Vitaly Simonovich, Threat Intelligence Researcher at Cato Networks, shared his thoughts on fake data breaches. In his article, he revealed the consequences of such breaches and gave examples of leaks that have occurred in various companies over the past few years.
  • David Haber, CEO of Lakera, described the principles of red teaming in the era of artificial intelligence. The author believes that to effectively safeguard the new environments, cybersecurity teams need to understand the shifting nuances of red teaming in the context of AI.
  • Matt Waxman, SVP and GM for data protection at Veritas Technologies, discussed the components of a robust data protection strategy, emphasizing the escalating threat of ransomware. Matt specifically highlighted the importance of backup and recovery protocols following the 3-2-1 rule.
  • Pedro Cameirão, Head of Cyber Defense Center at Nokia, revealed emerging cybersecurity trends for 2024. In his article, the author advised enterprises on preparation strategies against possible threats.

Research and Analytics

  • Proofpoint has released its inaugural Data Loss Landscape report, which reveals that data loss is a problem stemming from the interaction between humans and machines: “careless users” are much more likely to cause those incidents than compromised or misconfigured systems.
  • Results from research conducted by Google’s Threat Analysis Group disclose a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients.
  • Three-quarters of UK businesses and 79% of charities have experienced a cybersecurity incident in the past 12 months, according to the Cyber Security Longitudinal Survey published by the UK government.
  • According to new research conducted by Microsoft, only 13% of UK organizations can effectively combat cyber-attacks of varying sizes. 48% of companies are practically unable to resist any attacks, and 39% cannot counter only “devastating” incidents.
  • The figures, extracted from the 2024 Thales Data Threat Report, suggest that less than half of organizations have established formal ransomware response plans. New data has unveiled a 27% rise in ransomware attacks in 2023, with 8% of affected organizations resorting to paying ransoms.
  • The 2024 Sophos Threat Report found that between 2022 and 2023 the number of ransomware attacks involving remote encryption increased by 62%. These attacks occurred when threat actors used an unmanaged device on organizations’ networks to encrypt files on other systems in the network.
  • Red Canary’s 2024 Threat Detection Report gives a comprehensive view of the threat landscape, including new twists on existing adversary techniques, and the trends that experts have observed as adversaries continue to organize, commoditize, and ratchet up their cybercrime operations.
  • Visa’s Biannual Threats Report outlines the top payment threats impacting consumers and businesses around the world. The report points to increasingly organized, sophisticated threat actors targeting the most vulnerable point in the payments ecosystem: humans.

Major Cyber Incidents

  • Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked after two threat actors exploited multiple vulnerabilities to breach systems.
  • Personal information of 73 million current and former AT&T customers has been posted on the dark web following a data breach. No information is available to indicate whether it is a third-party compromise, or which division this data is from.
  • American fast-fashion company Hot Topic has suffered credential stuffing attacks. Hackers exposed customers’ personal information and partial payment data.
  • The INC Ransom extortion group hacked the National Health Service of Scotland. Cybercriminals have threatened to leak 3 terabytes of alleged stolen data.
  • Electronic Arts has postponed the finals of the Apex Legends tournament after attackers hacked participants during a tournament match.
  • Japanese technology company Fujitsu announced that it had suffered a malware attack. Threat actors may have stolen personal and customer information.
  • The International Monetary Fund faced a major cyber-attack, as a result of which 11 of the organization’s email accounts were compromised.