cybersecurity

In Other News: Gen Digital Makes $1B Buy, Recall Captures Sensitive Data, MITRE ATT&CK Evaluations

by

December 13, 2024 at 08:36AM SecurityWeek’s roundup highlights key cybersecurity stories, including China’s Salt Typhoon espionage revealing phone call recordings, WhatsApp’s fixed View Once feature, and Russia’s Secret Blizzard attacks in Ukraine. Notable developments include MITRE’s evaluations, Gen Digital’s $1 billion acquisition of MoneyLion, and Yahoo’s layoffs in its cybersecurity team. ### Key Takeaways from … Read more

Hackers Possibly Stole Personal Data From Bitcoin ATM Operator Byte Federal

by

December 13, 2024 at 08:21AM Bitcoin ATM operator Byte Federal informed 58,000 individuals of a potential data breach, discovered on November 18, due to a vulnerability in GitLab. Personal data may have been accessed, but no funds were compromised. Byte Federal is taking security measures and advises users to monitor their accounts for suspicious activities. … Read more

Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms

by

December 13, 2024 at 07:33AM Iran-affiliated hackers have developed IOCONTROL, a custom malware targeting IoT and operational technology systems in Israel and the U.S. It can compromise various devices like cameras and PLCs, enabling attackers to shut down services and steal data. The malware functions via MQTT and employs advanced evasion tactics. **Meeting Takeaways – … Read more

How to Generate a CrowdStrike RFM Report With AI in Tines

by

December 13, 2024 at 07:33AM The Tines library offers free, pre-built workflows for security operations, including an award-winning automated reporting system for CrowdStrike RFM by Tom Power. This workflow streamlines manual processes, saving over 25 hours annually, enhances decision-making, and reduces errors, thereby allowing analysts to focus on critical cybersecurity tasks. ### Meeting Takeaways 1. … Read more

Microsoft Patches Vulnerabilities in Windows Defender, Update Catalog 

by

December 13, 2024 at 06:40AM Microsoft has patched two critical vulnerabilities: one in Windows Defender (CVE-2024-49071) related to information disclosure, and another in the Update Catalog (CVE-2024-49147) involving privilege escalation. These issues have been fully mitigated, requiring no action from users. Transparency remains a priority for Microsoft with CVE identifiers. **Meeting Takeaways: Microsoft Vulnerabilities Update** … Read more

Germany Sinkholes Botnet of 30,000 BadBox-Infected Devices

by

December 13, 2024 at 06:26AM Germany’s Federal Office for Information Security reported that over 30,000 media devices sold with pre-installed BadBox malware became part of a botnet. The agency has disrupted communication between infected devices and their command servers, advising users to disconnect and scan devices, while working with internet providers to address the issue. … Read more

Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel

by

December 13, 2024 at 06:03AM A state-sponsored Iranian hacking group, CyberAv3ngers, has employed custom malware, IOCONTROL, to target IoT and operational technology devices in the U.S. and Israel. This malware exploits vulnerabilities in industrial control systems, leading to significant disruptions. The U.S. government offers a $10 million reward for information on the group. ### Meeting … Read more

New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection

by

December 13, 2024 at 04:45AM Researchers have identified a sophisticated Linux rootkit named PUMAKIT, capable of privilege escalation and evasion from detection. It uses multi-stage architecture, advanced stealth techniques, and hooks into system calls to conceal its presence while communicating with command-and-control servers. This highlights increasing malware complexity on Linux systems. **Meeting Takeaways from December … Read more

Taming the multi-vault beast

by

December 13, 2024 at 04:11AM GitGuardian addresses the growing security concern of managing secrets across multiple vaults for Non-Human Identities (NHIs) in enterprises, which now outnumber human users 100 to one. Their new multi-vault integrations provide centralized visibility, automate detection, and streamline management, enhancing security and compliance while reducing operational costs. ### Meeting Takeaways: 1. … Read more

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion

by

December 13, 2024 at 03:04AM Trend Micro researchers examined a social engineering attack where an attacker impersonated a client during a Microsoft Teams call. The victim was tricked into downloading AnyDesk, allowing remote access, which facilitated the installation of DarkGate malware. The attack was ultimately stopped before any data exfiltration occurred, highlighting security vulnerabilities. **Meeting … Read more