HAQ.NEWS

2024-02-18 : Daily : Gracie Folkins



I'm Gracie Folkins, today is February 18, 2024, and you are listening to Hack News Daily.

In our cybersecurity roundup today, Google Chrome is stepping up its game with a new feature called "Private Network Access protections". This is designed to keep your internal network devices safe from public website exploits by checking connectivity requests more thoroughly. For those interested in the technical details, the process involves CORS-preflight requests, which might block suspicious attempts.

A serious warning for Microsoft Outlook users: A flaw dubbed MonikerLink, identified as CVE-2024-21413, could let bad actors run unauthorized code or steal your data by tampering with file hyperlinks. The advice is clear—patch up as soon as Microsoft rolls out the fix.

Across the pond, a Russian-backed hacking group known as Winter Vivern or TAG-70 has been busy. They've managed to infiltrate various European targets, including government and military sites, thanks to a clever mix of social engineering and exploiting a weakness in Roundcube webmail servers. This is a stark reminder of the need for constant vigilance, patching up security holes, and keeping sensitive information on lockdown.

Dell EMC Enterprise SONiC software users, listen up: A critical bug (CVE-2023-32484) has been found that could let remote attackers get unauthorized access, run commands, and even escalate their privileges. Dell advises moving to versions 3.5.5, 4.0.0, or 4.1.1 to avoid trouble.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has its sights on the Akira Ransomware group, which is exploiting an old Cisco bug to sneak into systems. Federal agencies have until March 7, 2024, to patch up and keep their data safe from these memory extraction attacks.

For those using Okta for identity management, a recent post sheds light on how attackers might exploit misconfigured Role-Based Access Control to gain higher privileges. Understanding Okta's inner workings could be your best defense.

Android users, beware of SpyNote, a trojan that's now manipulating Accessibility APIs to divert cryptocurrency transactions to attackers' wallets. Be extra cautious about which apps you grant Accessibility API permissions to.

VMware ESXi servers are under threat from the RansomHouse Group, wielding a tool named "MrAgent" for ransomware attacks. It's crucial to beef up security with EDR solutions and hardening practices.

Wyze Labs is currently investigating a potential security issue that led to users accidentally seeing other people's camera thumbnails. As a precaution, they've forced a logout to reset user tokens.

Google isn't just about search anymore; they've introduced Magika, an AI model for better file type identification, and are pushing an AI Cyber Defense Initiative to fund security research and collaborate with startups.

The ALPHV ransomware group, with a notorious history under names like DarkSide and BlackMatter, has hit Prudential Financial and loanDepot. The FBI is on their trail, offering rewards for information that leads to their capture.

A look back at a 1979 anthrax outbreak in the USSR reveals a military facility as the culprit, debunking the official story of infected livestock. This finding comes from an international team using open-source intelligence methods.

RansomLook is a new tool on the block for monitoring ransomware group activities online, helping cybersecurity teams stay one step ahead.

And for those in the cloud, Proofpoint reports an attack campaign targeting Microsoft Azure users with phishing and account takeover attempts. Changing credentials and keeping an eye out for suspicious activity is recommended.

Lastly, Gazprombank Investments has updated its app for a more stable stock market investing experience. It's a reminder of the digital advancements in financial services and the need for secure online interactions.

Come back tomorrow for more Hack News Daily for the latest updates. You can find links to all the cyber news, red team tradecraft tooling, and more at HAQ.NEWS. Gracie Folkins out.


HAQ.NEWS By Jared Folkins