InfoSec News 20241218
Top News
- CoinLurker: The Stealer Powering the Next Generation of Fake Updates
"The evolution of fake update campaigns has advanced significantly with the emergence of CoinLurker, a sophisticated stealer designed to exfiltrate data while evading detection. Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyberattacks."
TLP¹: Green
- New Android NoviSpy spyware linked to Qualcomm zero-day bugs
"The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named 'NoviSpy,' used to spy on activists, journalists, and protestors."
TLP¹: Green
- CVE-2024-49112 (CVSS 9.8): Critical Windows LDAP Flaw Puts Networks at Risk of Remote Takeover
"Microsoft has disclosed a critical Remote Code Execution (RCE) vulnerability in its Lightweight Directory Access Protocol (LDAP) service, tracked as CVE-2024-49112. Released as part of the company's December Patch Tuesday updates, this vulnerability poses a severe risk to enterprise networks by enabling unauthenticated attackers to execute arbitrary code within the context of the LDAP service."
TLP¹: Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
- 'Bitter' cyberspies target defense orgs with new MiyaRAT malware
"A cyberespionage threat group known as 'Bitter' was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT."
TLP¹: Green
- APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP
"The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files."
TLP¹: Green
Breaches: Data Breaches and Hacks
- Hacker Leaks Cisco Data
"IntelBroker has leaked 2.9 GB of data stolen recently from a Cisco DevHub instance, but claims it's only a fraction of the total."
TLP¹: Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
- CVE-2024-55875 (CVSS 9.8): Critical XXE Vulnerability Found in http4k Toolkit
"A critical XML External Entity (XXE) Injection vulnerability, identified as CVE-2024-55875, has been discovered in the http4k toolkit, a lightweight HTTP framework written in Kotlin. With a CVSS score of 9.8, this vulnerability poses significant risks, including sensitive data exposure, Server-Side Request Forgery (SSRF), and, under certain circumstances, remote code execution."
TLP¹: Green
- Multiple Vulnerabilities in SHARP Routers Demand Urgent Firmware Updates
"The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has issued a warning about multiple critical vulnerabilities affecting SHARP routers. These vulnerabilities, tracked under five separate CVEs, pose significant risks, including the potential for arbitrary OS command execution, sensitive data theft, and service disruptions."
TLP¹: Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
- Balancing security and user experience to improve fraud prevention strategies
"In this Help Net Security interview, Jennifer White, Senior Director for Banking and Payments Intelligence at J.D. Power, discusses how financial institutions can improve customer satisfaction during fraud resolution, covering proactive fraud prevention, clear communication, and empathetic issue resolution."
TLP¹: Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
- Effective Phishing Campaign Targeting European Companies and Institutions
"Unit 42 researchers recently investigated a phishing campaign targeting European companies, including in Germany and the UK. Our investigation revealed that the campaign aimed to harvest account credentials and take over the victim's Microsoft Azure cloud infrastructure."
TLP¹: Green
¹ Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.