June 28, 2024 at 09:33AM
SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that may have gone unnoticed. This week’s stories include Microsoft patching a critical Dataverse vulnerability, a credential stuffing attack on Levi Strauss, a data breach at Ventura County Credit Union, malware delivery by a South Korean ISP, and various other cybersecurity warnings and vulnerabilities.
From the meeting notes, I have identified the following key takeaways:
1. Microsoft has patched a critical remote code execution vulnerability (CVE-2024-35260) in their Dataverse product and also unveiled cloud service CVEs for greater transparency.
2. Levi Strauss has reset passwords for 72,000 customers due to a credential stuffing attack, which may have compromised personal information and payment card details.
3. Ventura County Credit Union suffered a data breach affecting nearly 45,000 individuals due to an email account hack, resulting in the exposure of personal information.
4. South Korean ISP KT has been accused of delivering malware to 600,000 customers, potentially to interfere with BitTorrent traffic.
5. Ollama, a popular open source AI project, is affected by a remote code execution vulnerability (CVE-2024-37032), and many vulnerable instances have been exposed to the internet.
6. The FBI, CISA, and HHS have jointly warned healthcare and public health organizations about social engineering and phishing attacks targeting ACH payments.
7. Promon has identified a new Android banking trojan named Snowblind, utilizing a novel technique to attack Android apps based on a Linux kernel feature.
8. The Chinese shopping app Temu has been sued by the Arkansas Attorney General, alleging that it is “dangerous malware” capable of collecting large amounts of data from devices.
9. Nozomi Networks Labs has alerted about vulnerabilities in the Sensor Net Connect device and Thermoscan IP desktop application used in the healthcare industry, which could be exploited to manipulate system settings and disrupt healthcare services.
10. Apple has released AirPods firmware updates to resolve a Bluetooth vulnerability (CVE-2024-27867) that allowed attackers to spoof devices and gain access to a user’s headphones.
11. Google has announced changes to its Chrome Root Store policies, specifically concerning Entrust roots, with implications for Chrome 127’s trust of TLS server authentication certificates.
These takeaways provide a comprehensive understanding of the noteworthy cybersecurity developments from the past week. If there are any specific actions or further details needed on any of these takeaways, please let me know.