Cyber Briefing - 2024.03.01
What are the latest cybersecurity alerts, incidents, and news?
Meta, Facebook Account Vulnerability, Airbnb Scam, Fake Tripadvisor Website, CISA, FBI, MS-ISAC, Phobos Ransomware Advisory, Linux Bifrost Malware, VMware Domain for Evasion, New Silver SAML Attack, Golden SAML Defenses, Cutout.Pro Data Breach, Golden Corral Corporation Data Breach, Exposed Database, YX International Information Co., Ltd, SMS Security Codes, Fairway Independent Mortgage Corporation Cyber Attack, French AIDS Association Sidaction, Chinese 'Smart Cars' Spy Risks, GitHub, Secret Scanning, Brave Software, Privacy-Preserving AI Assistant Leo, Zero-Day Exploits, ChatGPT Credential Theft, Crypto Theft.
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
Cyber Alerts
Unit 42 researchers uncover a new Linux variant of the Bifrost RAT, camouflaged with a deceptive domain resembling VMware. The malware, in stripped form, complicates analysis while utilizing RC4 encryption for data exfiltration, posing challenges for detection. This evolution signifies a push towards broader targeting, emphasizing the need for heightened cybersecurity vigilance.
Cybersecurity experts reveal a new threat dubbed Silver SAML, capable of bypassing defenses against Golden SAML attacks, enabling exploitation of SAML to infiltrate applications like Salesforce from identity providers. While resembling Golden Ticket attacks, Silver SAML empowers hackers to gain unauthorized access with stealthy persistence, posing a moderate risk to organizations worldwide. Although there's no recorded exploitation yet, vigilance and strict adherence to certificate management protocols are urged to mitigate potential threats.
Cyber Incidents
Cutout.Pro, an AI service for photo and video editing, faces a significant data breach affecting 20 million members. The breach, revealed by a cybercriminal on a hacking forum, exposes sensitive user information including email addresses, hashed passwords, and API access keys. With the threat actor still retaining access to the breached system, affected users are urged to reset passwords immediately and remain vigilant against potential phishing scams targeting further personal information.
The Golden Corral restaurant chain discloses a data breach, compromising personal information of over 180,000 individuals. Attackers gained access to systems in August, stealing sensitive data including employee and beneficiary details, prompting the company to implement additional security measures and notify law enforcement. Customers are advised to stay vigilant against identity theft and report any suspicious activity to relevant authorities.
YX International, a prominent technology company handling millions of SMS text messages daily, grapples with securing an exposed database that leaked one-time security codes crucial for accessing Facebook, Google, and TikTok accounts. Anurag Sen, a diligent security researcher, discovered the vulnerable database owned by YX International, unearthing sensitive text message contents, including authentication codes and password reset links. Despite YX International's swift response to seal the vulnerability, lingering questions persist regarding the extent of exposure and the implications for users of major tech platforms like Facebook and Google.
Fairway Independent Mortgage Corp. faced a cyber attack due to vendor system vulnerabilities, compromising sensitive customer data including names, Social Security numbers, and financial information. Despite prompt action to implement patches and engage third-party security analysis, the breach affected 430 customers in Massachusetts, prompting the lender to offer identity theft protection. This incident adds Fairway to a growing list of mortgage companies targeted by cyber attacks, raising concerns and emphasizing the industry's need for enhanced security measures.
Sidaction, the AIDS association, faces a cyberattack targeting its service provider's hosting system, potentially exposing personal data of donors, including names, addresses, and donation amounts. While less than 20% of donors since January 2023 may be affected, certain individuals' banking information, such as IBAN and BIC, is also at risk. Despite the breach, Sidaction assures donors of reinforced security measures for online donations and emphasizes vigilance against fraudulent approaches.
The Biden administration launches an investigation into Chinese-made smart cars, expressing concerns over potential national security threats posed by data gathering capabilities. While stopping short of a ban, President Biden emphasizes unprecedented steps to protect American data from foreign influence, particularly from China. Commerce Secretary Raimondo highlights the risks of connected vehicles, likening them to "smart phones on wheels," emphasizing the need for regulations to mitigate cyber and espionage risks.
GitHub has rolled out secret scanning push protection as a default feature, offering users the option to remove detected secrets or bypass the block if deemed safe. This enhancement, initially piloted in August 2023 and made generally available in May 2023, identifies over 200 token types and patterns to prevent fraudulent use by malicious actors, bolstering platform security. The move follows recent expansions of secret scanning to include validity checks for major service providers and comes amidst ongoing repo confusion attacks targeting GitHub, highlighting the platform's commitment to safeguarding user data and code integrity.
Brave Software introduces Leo, an AI assistant embedded within its Android browser, offering an array of functions from summarizing web content to generating written code. Users can access Leo with a tap on the "star" button, or via the options menu, empowering them to perform various tasks seamlessly. With a focus on privacy, Brave assures users that Leo operates without logging user data, ensuring anonymity and safeguarding sensitive information.
Security researchers warn of a surge in zero-day exploits, with Group-IB reporting a 70% spike in public ads selling such vulnerabilities. Threat actors exploit bugs like the CVE-2023-38831 zero-day, offering subscription access for $1000 monthly, primarily for cyber-espionage. Additionally, Group-IB cautions against the increasing interest in ChatGPT credentials on the dark web, exposing sensitive corporate data and raising concerns about Apple devices' vulnerability to attacks.
In 2024, over $200 million in cryptocurrency has vanished due to 32 incidents of hacks and rug pulls, a 15.4% rise from 2023. February alone witnessed $67 million disappear, with DeFi bearing the brunt. Ethereum was the prime target, enduring 12 attacks, while Bitcoin and BNB Chain also suffered losses.
Copyright © 2024 CyberMaterial. All Rights Reserved.