IT Security News Daily Summary 2024-09-22
Security Flaw in Google Cloud Document AI Could Expose Sensitive Data, Experts Warn
Concerns have arisen regarding a vulnerability in Google Cloud’s Document AI that could expose sensitive data. Security experts are urging immediate attention to the issue to prevent data breaches.
Global Taskforce Dismantles Encrypted Criminal Platform ‘Ghost,’ Leading to 51 Arrests
A collaborative effort by international law enforcement agencies has successfully taken down the encrypted criminal platform known as ‘Ghost,’ resulting in the arrest of 51 individuals involved in illegal activities.
Tor Project Assures Users It’s Safe Amid Controversy of Deanonymizing Users
The Tor Project has reaffirmed the safety of its network amidst ongoing controversies suggesting that certain authorities may have the capability to deanonymize users.
USENIX NSDI ’24: Jolteon – Unleashing the Promise of Serverless Workflows
The upcoming USENIX NSDI ’24 conference will showcase Jolteon, a cutting-edge approach to optimizing serverless workflows, promising enhanced efficiency and resource management.
IT Leaders Raise Security Concerns Regarding Generative AI
With the rapid advancements in generative AI, IT leaders are expressing increasing concerns about the security implications of this technology.
Massive Chinese Botnet Infects SOHO Routers and IP Cameras
A new Chinese botnet has been identified, infecting Small Office/Home Office (SOHO) routers and IP cameras, posing significant risks to network security.
macOS Sequoia Interferes With VPNs and EDRs Following Update
The latest update to macOS Sequoia has been reported to cause issues with VPNs and Endpoint Detection and Response (EDR) systems, complicating security measures for users.
Noise Storms: Mysterious Massive Waves of Spoofed Traffic Observed Since 2020
Since 2020, a phenomenon known as “Noise Storms” has been observed, characterized by massive waves of spoofed traffic causing disruptions and concern among cybersecurity experts.
The Great AI Swindle
Discussion continues around the notion of ‘The Great AI Swindle,’ highlighting the potential misuse and exploitation of artificial intelligence technologies.
Lumma Stealer Uses Fake CAPTCHA Pages to Distribute Malware
A new malware campaign, Lumma Stealer, has been discovered utilizing fake CAPTCHA pages to distribute its malicious payloads to unsuspecting users.
Critical VMware vCenter Server Bugs Fixed, Apple Releases iOS 18
This week saw critical vulnerabilities in VMware vCenter Server being patched, alongside the release of Apple’s iOS 18, offering security enhancements for users.
FBI and CISA Issue Warning Over False Claims of Hacked Voter Data
The FBI and CISA have issued warnings about false claims circulating regarding hacked voter data, reminding the public to be cautious of misinformation.
‘Harvest now, decrypt later’: Why Hackers are Waiting for Quantum Computing
An emerging strategy among hackers involves stealing encrypted data now with the anticipation of decrypting it in the future using quantum computing capabilities.
Cloudflare Outage Disrupts Website Access in Multiple Regions
A recent outage at Cloudflare impacted website access across multiple regions, affecting numerous global users.
Understanding the Critical Role of Resilience in Defending Against Ransomware
The importance of resilience in cybersecurity continues to be highlighted as a crucial factor in defending against ransomware attacks.
GitLab Addresses Critical SAML Auth Flaw With Latest Release
GitLab has released an update addressing a critical Security Assertion Markup Language (SAML) authentication flaw, improving the platform’s overall security.
Hackers Stole Over $44 Million from Asian Crypto Platform BingX
A recent cyberattack on the Asian cryptocurrency platform BingX has resulted in the theft of over $44 million, raising concerns about the security of digital asset exchanges.
Apple’s macOS Sequoia Update Breaks Security Tools
The new update to Apple’s macOS Sequoia has caused significant disruptions to various security tools, complicating defense measures for macOS users.
USENIX NSDI ’24: Autothrottle – A Practical Bi-Level Approach to Resource Management for SLO-Targeted Microservices
Autothrottle, a novel approach for resource management in microservices, will be presented at the upcoming USENIX NSDI ’24 conference, offering a practical approach for microservices that target Service Level Objectives (SLOs).
Email Attacks Target 80% of Key Infrastructure Firms, Study Reveals
A new study reveals that 80% of key infrastructure firms have been targeted by email-based attacks, underscoring the need for robust email security measures.
Ransomware Outfits Exploit Microsoft Azure Tool for Data Theft
Ransomware groups are increasingly exploiting a Microsoft Azure tool to facilitate data theft, representing a growing threat to cloud security.
The Expanding PKfail Vulnerability in Secure Boot and Its Alarming Impact
The PKfail vulnerability in Secure Boot is expanding, causing alarm due to its potential impact on the security of boot processes in computing devices.
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
Hacktivist group Twelve has launched destructive cyber attacks against Russian entities, reflecting escalating cyber hostilities.
Europol Dismantled Phishing Scheme Targeting Mobile Users
A Europol operation has successfully dismantled a sophisticated phishing scheme that specifically targeted mobile users.
Kawasaki Ransomware Attack: 500 GB Alleged Data Leaked
A ransomware attack on Kawasaki has resulted in an alleged leak of 500 GB of data, with the ransomware group RansomHub claiming responsibility.
Ukraine Bans Telegram Use for Government and Military Personnel
In a security measure, Ukraine has banned the use of Telegram for government and military personnel due to potential security risks.
LinkedIn Halts AI Data Processing in the UK Amid Privacy Concerns
LinkedIn has ceased processing AI data in the UK in response to privacy concerns raised by the Information Commissioner’s Office (ICO).
How Apple, Google, and Microsoft Can Save Us from AI Deepfakes
As AI deepfakes become more sophisticated, there is an ongoing conversation about how tech giants like Apple, Google, and Microsoft can help mitigate this emerging threat.
Modernizing FedRAMP Security Standards to Accelerate Safe AI
Efforts are underway to modernize Federal Risk and Authorization Management Program (FedRAMP) security standards to facilitate the safe development and deployment of AI technologies.
China-Linked APT: Raptor Train Botnet Attacks IoT Devices
The Raptor Train botnet, linked to Chinese Advanced Persistent Threat (APT) groups, is actively attacking Internet of Things (IoT) devices, posing significant risks to network security.
Iranian Hackers Attempted to Give Hacked Trump Campaign Emails to Democrats
An Iranian hacking group attempted to provide hacked emails from the Trump campaign to Democratic officials, showcasing the complex landscape of cyber espionage.
Prime Day Scams on the Rise
As Prime Day approaches, a surge in related scams is anticipated, prompting consumers to remain vigilant and aware of potential threats.
2024 Cybersecurity Laws & Regulations
The landscape of cybersecurity laws and regulations is continuously evolving, with numerous new measures being introduced in 2024 to enhance digital security.
Earth Baxia Exploits GeoServer to Launch APAC Spear-Phishing Attacks
The hacking group Earth Baxia is exploiting vulnerabilities in GeoServer to carry out spear-phishing attacks in the Asia-Pacific (APAC) region.
CISA Adds Multiple Critical Bugs to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added several critical bugs from Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and MSSQL Server to its Known Exploited Vulnerabilities (KEV) catalog.
Patch Needed for Critical Privileged Passwords Authentication Bypass Flaw
A critical flaw allowing for privileged password authentication bypass has been identified, and immediate patching is necessary to prevent exploitation.
Microsoft Entra ID’s Administrative Units Weaponized for Stealthy Persistence
Malicious actors are exploiting Microsoft Entra ID’s Administrative Units feature to maintain stealthy persistence within compromised environments.
Germany Seizes 47 Crypto Exchanges Used by Ransomware Gangs
In a significant crackdown, German authorities have seized 47 cryptocurrency exchanges allegedly used by ransomware gangs for illicit activities.
Clever ‘GitHub Scanner’ Campaign Abuses Repositories to Push Malware
A sophisticated campaign known as ‘GitHub Scanner’ has been discovered, where repositories are being abused to distribute malware.
Ukraine Bans Telegram for Government Agencies and Critical Infrastructure
Ukraine has implemented a ban on the use of Telegram for government agencies, military personnel, and critical infrastructure to mitigate security risks.
A Hacker’s View of Civic Infrastructure
An in-depth look at how hackers perceive and target civic infrastructure, highlighting the vulnerabilities and potential impacts of cyber-attacks.
Lanett City Schools Enhances Operations with Cloud Monitor
Lanett City Schools has successfully enhanced its operational efficiency by leveraging the capabilities of Cloud Monitor.