Daily Summary - 24.07.2024

End-of-Day report

Timeframe: Tuesday 23-07-2024 18:00 - Wednesday 24-07-2024 18:00 Handler: Alexander Riepl Co-Handler: Thomas Pribitzer

News

BreachForums v1 hacking forum data leak exposes members' info

The private member information of the BreachForums v1 hacking forum from 2022 has been leaked online, allowing threat actors and researchers to gain insight into its users.

https://www.bleepingcomputer.com/news/security/breachforums-v1-hacking-forum-data-leak-exposes-members-info/

SocGholish: Fake update puts visitors at risk

The SocGholish downloader has been a favourite of several cybercrime groups since 2017. It delivers a payload that poses as a browser update. Like any piece of malware, it undergoes an evolutionary process. We have taken a look at the latest developments, which target WordPress-based websites.

https://www.gdatasoftware.com/blog/2024/07/37976-socgholish-fake-update

Microsoft update mishap: Windows update requires entering the BitLocker key

The latest security update for Windows 10, 11 and common Windows Server versions causes some systems to no longer boot without the BitLocker key.

https://www.golem.de/news/update-panne-bei-microsoft-windows-update-erfordert-eingabe-des-bitlocker-keys-2407-187382.html

NIS 2 Directive: Cabinet approves stricter cybersecurity rules

Almost 30,000 companies in Germany will in future have to implement the security requirements of the NIS 2 Directive.

https://www.golem.de/news/nis-2-richtlinie-kabinett-beschliesst-strengere-regeln-fuer-cybersicherheit-2407-187391.html

New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273)

In April, an OS command injection vulnerability in various D-Link NAS devices was made public. The vulnerability, CVE-2024-3273, was exploited soon after it became public. Many of the affected devices are no longer supported.

https://isc.sans.edu/diary/New+Exploit+Variation+Against+DLink+NAS+Devices+CVE20243273/31102

Forget security - Google's reCAPTCHA v2 is exploiting users for profit

Web puzzles don't protect against bots, but humans have spent 819 million unpaid hours solving them. Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue it's harvesting information while extracting human ..

https://www.theregister.com/2024/07/24/googles_recaptchav2_labor/

A Hacker 'Ghost' Network Is Quietly Spreading Malware on GitHub

Cybersecurity researchers have spotted a 3,000-account network on GitHub that is manipulating the platform and spreading ransomware and info stealers.

https://www.wired.com/story/github-malware-spreading-network-stargazer-goblin/

Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment

Siemens has released out-of-band updates to patch two potentially serious vulnerabilities in products used in energy supply.

https://www.securityweek.com/siemens-patches-power-grid-product-flaw-allowing-backdoor-deployment/

New legislation will help counter the cyber threat to our essential services

The announcement of the Cyber Security and Resilience Bill is a landmark moment in tackling the growing threat to the UK's critical systems.

https://www.ncsc.gov.uk/blog-post/legislation-help-counter-cyber-threat-cni

Malware Campaign Lures Users With Fake W2 Form

Rapid7 has recently observed an ongoing campaign targeting users searching for W2 forms using the Microsoft search engine Bing.

https://www.rapid7.com/blog/post/2024/07/24/malware-campaign-lures-users-with-fake-w2-form/

Vulnerabilities

ISC Releases Security Advisories for BIND 9

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC's Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition.

https://www.cisa.gov/news-events/alerts/2024/07/24/isc-releases-security-advisories-bind-9