Sunday, December 22, 2024

Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel – Help Net Security

Must read

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274)
For the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability (CVE-2024-5274) with an in-the-wild exploit.

YouTube has become a significant channel for cybercrime
Social engineering threats – those which rely on human manipulation – account for most cyberthreats faced by individuals in 2024, according to Avast.

Authelia: Open-source authentication and authorization server
Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests.

Cybersecurity jobs available right now: May 22, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

Fail2Ban: Ban hosts that cause multiple authentication errors
Fail2Ban is an open-source tool that monitors log files, such as /var/log/auth.log, and blocks IP addresses that exhibit repeated failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses for a configurable amount of time.

Strategies for transitioning to a SASE architecture
In this Help Net Security, Prakash Mana, CEO at Cloudbrink, discusses the primary challenges companies face when transitioning to a SASE architecture and how to overcome them.

Strategies for combating AI-enhanced BEC attacks
In this Help Net Security interview, Robert Haist, CISO at TeamViewer, discusses how AI is being leveraged by cybercriminals to enhance the effectiveness of BEC scams.

Grafana: Open-source data visualization platform
Grafana is an open-source solution for querying, visualizing, alerting, and exploring metrics, logs, and traces regardless of where they are stored.

US retailers under attack by gift card-thieving cyber gang
Earlier this month, the FBI published a private industry notification about Storm-0539 (aka Atlas Lion), a Morocco-based cyber criminal group that specializes in compromising retailers and creating fraudulent gift cards.

Compromised courtroom recording software was served from vendor’s official site
Courtroom recording software JAVS Viewer has been saddled with loader malware and has been served from the developer’s site since at least April 2, a threat researcher has warned last month.

GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)
A critical, 10-out-of-10 vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed by Microsoft-owned GitHub.

Windows’ new Recall feature: A privacy and security nightmare?
Microsoft has announced the Copilot+ line of Windows 11-powered PCs that, among other things, will have Recall, a feature that takes screenshots every few seconds, encrypts them, saves them, and leverages AI to allow users to search through them for specific content that has been viewed in apps, websites, documents, etc.

HHS pledges $50M for autonomous vulnerability management solution for hospitals
As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability (CVE-2023-43208) in a healthcare-specific platform being leveraged by attackers, the Advanced Research Projects Agency for Health (ARPA-H) has announced the Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE) program aimed at developing a vulnerability management platform for healthcare IT teams.

Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849)
Veeam has patched four vulnerabilities in Backup Enterprise Manager (VBEM), one of which (CVE-2024-29849) may allow attackers to bypass authentication and log in to its web interface as any user.

15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)
Researchers have found 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one: an unauthenticated stack overflow vulnerability (CVE-2024-27130) that may be leveraged for remote code execution.

Critical Fluent Bit flaw affects major cloud platforms, tech companies’ offerings (CVE-2024-4323)
Tenable researchers have discovered a critical vulnerability (CVE-2024-4323) in Fluent Bit, a logging utility used by major cloud providers and tech companies, which may be leveraged for denial of service, information disclosure, or remote code execution.

PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026)
Technical details about and a proof-of-concept (PoC) exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, has been released by the vulnerability’s reporter.

CISOs pursuing AI readiness should start by updating the org’s email security policy
Over the past few years, traditional phishing messages — with their pervasive linguistic errors, thinly-veiled malicious payloads, and often outlandish pretexts — have been on the decline. Easily detected by most of today’s standard email security tools (and thoroughly unconvincing to most recipients), this prototypical form of phishing may soon be a thing of the past.

Cybercriminals shift tactics to pressure more victims into paying ransoms
Ransomware didn’t just grow in the US in 2023, it evolved, with the frequency of ransomware claims jumping 64% year-over-year, according to At-Bay.

2024 sees continued increase in ransomware activity
In this Help Net Security video, Ryan Bell, Threat Intelligence Manager at Corvus Insurance, discusses how ransomware will continue to grow in 2024.

The challenges of GenAI in fintech
While some organizations and their boards have an all-in mindset on GenAI’s usage, others are watching and waiting.

Phishing statistics that will make you think twice before clicking
This article includes excerpts from various reports that offer statistics and insights into the current phishing landscape.

Fighting identity fraud? Here’s why we need better tech
In this Help Net Security video, Patrick Harding, Chief Architect at Ping Identity, discusses the state of identity fraud prevention.

Consumers continue to overestimate their ability to spot deepfakes
The Jumio 2024 Online Identity Study reveals significant consumer concerns about the risks posed by generative AI and deepfakes, including the potential for increased cybercrime and identity fraud.

SEC requires financial institutions to notify customers of breaches within 30 days
The Securities and Exchange Commission (SEC) announced the adoption of amendments to Regulation S-P to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information by certain financial institutions.

Technological complexity drives new wave of identity risks
Security leaders are facing increased technological and organizational complexity, which is creating a new wave of identity risks for their organizations, according to ConductorOne.

Product showcase: Alert – Data breach detector for your email, credit card, and ID
With Alert, you can easily monitor your most important credentials, such as your email, credit card, and ID. Alert will instantly notify you if it appears in breached online databases. This way, you can immediately secure your accounts and prevent more damage before it happens.

New infosec products of the week: May 24, 2024
Here’s a look at the most interesting products from the past week, featuring releases from CyberArk, OneTrust, PlexTrac, and Strike Graph.

Latest article