Cybersecurity Digest #91: 05/03/2024 – 19/03/2024

Cybersecurity News

  • Researchers have demonstrated a new acoustic side-channel attack on keyboards. It can deduce user input based on their typing patterns, even in poor conditions, such as environments with noise.
  • Three types of vulnerabilities that can possibly lead to data exposure and account takeovers have been discovered in ChatGPT. One of the vulnerabilities can be exploited to install malicious plugins on ChatGPT users.
  • SIM swappers have adapted their attacks to steal a target’s phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.
  • Researchers have warned of the critical vulnerability CVE-2024-21762 in Fortinet FortiOS. This flaw could potentially impact 150,000 exposed devices.
  • The financially motivated hacking group Magnet Goblin uses various 1-day vulnerabilities to hack servers and install malware. Windows and Linux systems are at risk.
  • The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to carry out their extortion-only attacks.
  • Hackers have been conducting wide-scale attacks on WordPress sites to inject scripts that force visitors’ browsers to brute-force passwords for other sites.

Cybersecurity Blog Posts

  • Sanjay Macwan, CIO and CISO at Vonage, addressed emerging threats to cloud communications and the role of AI and automation in cybersecurity. In his article, he stated which new technologies and approaches organizations need to implement to protect themselves from the ever-changing threat landscape.
  • Phil Robinson, Principal Consultant at Prism Infosec, revealed why cyber maturity assessment should become standard practice across all companies. According to Phil, establishing cyber maturity can help determine resilience, where the strengths and weaknesses lie, and what needs to happen to improve those security processes.
  • Geoffrey Mattson, CEO of Xage Security, described the principles and strategies of JCDS, an initiative launched by CISA which brings together representatives of the private and public sectors to jointly plan and coordinate cyber defense at the national level.

Research and Analytics

  • Checkmarx has released the annual Future of AppSec Report, which gives an in-depth look at the current state of application security, future investments and organizations’ most critical application security concerns. The study reveals that 92% of companies surveyed had experienced a breach in the prior year due to vulnerabilities of applications developed in-house.
  • Cyberint has published its Security Matters: Consumer Views on Cybersecurity Retail & Finance 2024 Report. It centers on the cybersecurity landscape of the finance and retail sectors, revealing business-essential statistics and consumer sentiments.
  • Radware’s 2024 Global Threat Analysis Report states that the total number of DDoS attacks carried out by attackers against organizations around the world increased by 94% in 2023. The majority of reported cyber incidents involved hacktivists.
  • FICO experts have analyzed consumer preferences regarding fraud prevention in the financial services industry. According to the survey, 69% of consumers rank good fraud protection in their top three considerations when choosing a financial service provider.
  • The FBI’s latest Internet Crime Report 2023 discloses a staggering 74% increase in ransomware losses in the US, totaling $59.6 million compared to the previous year’s $34.4 million. The report highlights 2825 reported ransomware incidents, signifying an 18% rise from 2022.
  • The 2024 Sophos Threat Report states that in 2023, over 75% of customer incident response cases were for small businesses. According to the research, ransomware continues to have the greatest impact on smaller organizations.
  • Red Canary unveiled its annual Threat Detection Report, which reveals that the total number of threats to cloud accounts increased 16-fold in 2023. The report examines the techniques that were used the most throughout the year, as well as two new and notable entries that soared into the top 10 in 2023: Email Forwarding Rule and Cloud Accounts.

Major Cyber Incidents

  • Roku has disclosed a breach that allowed hackers to gain access to its users’ accounts and stored credit card information. Hackers have managed to obtain login information and tried to purchase streaming subscriptions in a limited number of instances.
  • Pennsylvania’s Scranton School District had some of its computer systems and services disrupted following a ransomware attack.
  • NHS Dumfries and Galloway, part of the Scottish healthcare system, has been hit by a cyber-attack causing a significant quantity of data to be put at risk.
  • A number of French government agencies have been hit by intense DDoS cyberattacks. The attacks have affected a variety of ministerial services, including mailboxes and online document storage.
  • The Swiss government had around 65,000 files stolen by the Play ransomware gang during an attack on an IT supplier. Among the corrupted data were classified files and sensitive, personally identifiable information.
  • American Express has alerted its customers that their credit card details may have been compromised following a third-party data breach. The attackers have managed to get access to card account numbers, customer names, and other card details.
  • Belgium’s Duvel Moortgat Brewery has suffered a ransomware attack which impacted its production facility, bringing it to a standstill.