Cyber Briefing - 2024.07.31
What's trending in cybersecurity today?
Google Chrome, Browser Crashes, SMS Stealer, Telegram Messenger, OAuth, XSS, Black Basta, Ransomware, Cuckoo Spear, Windows, Microsoft Azure, DDoS Attack, Texas Wesleyan University, Terra Blockchain, Sharp Electronics Corporation USA, Cold Lake, Canada, US Senate, Online Safety Bill, Meta, Facial Recognition, Settlement, Reserve Bank of India (RBI), Payment System Regulations, California DMV, Digital Car Titles, Avalanche, AVAX, Lineaje Inc, Funding, Supply Chain Attacks
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
Google has released a critical security update for its Chrome browser, addressing three significant vulnerabilities, including one that could cause the browser to crash. The update, now available on the Stable channel, brings Chrome to version 127.0.6533.88/89 for Windows and Mac, and 127.0.6533.88 for Linux. The most severe flaw involves uninitialized use in Chrome's Dawn graphics component, which could allow attackers to exploit the browser, leading to crashes or other malicious activities.
A massive cybercriminal campaign has been discovered targeting Android devices across 113 countries, using thousands of Telegram bots to spread SMS-stealing malware. This operation, identified by Zimperium researchers, has been active since February 2022 and involves over 107,000 distinct malware samples. The malware is distributed through deceptive methods, including malvertising and Telegram bots that promise pirated apps, which then harvest users' phone numbers to track and exploit their devices.
Security researchers have uncovered a critical vulnerability affecting over one million websites, combining flaws in OAuth implementation with cross-site scripting (XSS) attacks. This vulnerability allows attackers to craft malicious URLs that mimic legitimate OAuth login attempts, intercepting the authentication process and gaining unauthorized access to user accounts.
The Black Basta ransomware group has upgraded its attack methods by deploying new custom malware designed to enhance its evasion tactics and network infiltration capabilities. Originally leveraging the QBot botnet for initial access, Black Basta has shifted to using advanced tools like DarkGate and SilentNight after QBot's takedown by law enforcement. Recent updates include the use of custom malware such as DawnCry, DaveShell, and PortYard, which facilitate multi-stage infections and establish robust command-and-control connections.
Researchers have unveiled Cuckoo Spear, a new threat actor associated with the APT10 group, demonstrating a sophisticated and persistent cyber espionage campaign. Since December 2019, APT10's LODEINFO malware has been targeting critical infrastructure and academic sectors, now linked to the newly discovered NOOPDOOR malware. This advanced threat suite uses a multi-layered approach for stealthy infiltration and long-term network access, employing domain-generation algorithm (DGA)-based C2 communication and modular backdoor tactics.
On July 30, 2024, Microsoft experienced a significant global outage affecting Azure cloud services and Microsoft 365 products, lasting nearly 10 hours. The disruption, which began around 11:45 UTC and ended by 19:43 UTC, was triggered by a Distributed Denial-of-Service (DDoS) attack that overwhelmed Azure Front Door (AFD) components and Azure Content Delivery Network (CDN). Microsoft confirmed that a flaw in their defense mechanisms exacerbated the impact of the attack.
Texas Wesleyan University (TXWES) has announced a data breach that potentially compromised sensitive personal information of individuals, following a network disruption on October 6, 2023. The breach, detected after unauthorized access to certain files, involved personal details such as names, addresses, dates of birth, and Social Security Numbers. In response, TXWES has implemented a range of security measures, including network disconnection, credential resets, and enhanced security protocols.
On July 31, 2024, the Terra blockchain experienced a significant security breach, resulting in the theft of $6.8 million. The exploit, which took advantage of a reentrancy vulnerability in the network’s Inter-Blockchain Communication (IBC) hooks, allowed attackers to withdraw funds repeatedly. The breach resulted in the loss of 60 million ASTRO tokens, $3.5 million USDC, $500,000 USDT, and 2.7 Bitcoin. Following the attack, Terra temporarily suspended its operations to address the issue.
Sharp Corp. has disclosed a significant data breach affecting over 100,000 customers, following unauthorized access to two of its online services. The company revealed on July 29 that personal information, including names, addresses, and phone numbers of 203 individuals, was compromised. The breach involved Sharp’s Cocoro Store and its food delivery service, Healsio Deli, with potential implications for credit card details. Customers who interacted with these sites between June 23 and 30 may have been exposed to a malicious website.
The City of Cold Lake, Alberta is grappling with a significant cyberattack that has severely disrupted operations across its facilities, including City Hall, the Energy Centre, and the Cold Lake Golf & Winter Club. The breach has affected phone systems, payment processes, and email communications, though city officials report no evidence of compromised personal or sensitive information. IT teams have managed to restore several payment systems and set up temporary terminals, but phone lines remain down, and full recovery may take days or longer.
Cyber News
On July 30, 2024, the U.S. Senate passed the Kids Online Safety and Privacy Act (KOSPA), a groundbreaking piece of legislation aimed at enhancing online protections for children and teenagers under 17. The bill, which merges two significant proposals, COPPA 2.0 and the Kids’ Online Safety Act (KOSA), bans targeted advertising to minors, mandates consent for data collection, and provides tools for deleting personal information.
Meta has reached a historic $1.4 billion settlement with Texas, resolving a privacy lawsuit over the unauthorized use of facial recognition technology. The lawsuit, filed in 2022, accused Meta of violating state laws by capturing and utilizing residents' biometric data without consent. Texas Attorney General Ken Paxton called the settlement the largest secured by a single state, surpassing previous records. Meta, which has already paid over $2 billion in similar settlements, expressed its commitment to further investments in Texas despite the financial hit.
The Reserve Bank of India (RBI) has announced new regulations aimed at strengthening cybersecurity and resilience in India's digital payments ecosystem. The 'Master Directions on Cyber Resilience and Digital Payment Security Controls' mandate enhanced safety measures for non-bank Payment System Operators (PSOs), including payment gateways and third-party service providers. These regulations require PSOs to implement robust cybersecurity practices, such as online alert mechanisms, mobile payment security protocols, and card payment standards.
The California Department of Motor Vehicles (DMV) has made history by digitizing 42 million car titles on the Avalanche blockchain, a significant advancement in modernizing vehicle title transfers. This groundbreaking initiative, led by Oxhead Alpha, allows California’s residents to manage their car titles digitally through a secure mobile wallet app, utilizing verifiable credentials. The integration of Avalanche’s blockchain technology aims to streamline the title transfer process, reduce physical visits to the DMV, and enhance security by preventing lien fraud with an immutable ledger.
Lineaje, a startup focused on software supply chain security, has secured $20 million in Series A funding to enhance its platform for detecting and mitigating vulnerabilities within software supply chains. Founded in 2021 by cybersecurity veterans Javed Hasan and Anand Revashetti, Lineaje provides tools to identify tampered or outdated open source software and recommends fixes to manage risks.
Copyright © 2024 CyberMaterial. All Rights Reserved.
BSc | MSc | Cyber Security Analyst -SOC| CompTIA Sec+ Certified | ICS/OT Security Expert (OOSE) | OEHE | Armis Certified |Proofpoint Certified | Crowdstrike | SentinelOne | Splunk | IBM QRadar
3 months ago
Thank you for sharing
Thanks for building more awareness around this mobile threat and all the other great resources you provide for our community!
Thanks for sharing
Cyber Security | Digital Forensics | Networking | Ethical Hacking | Python Programming
3 months ago
Informative news!