Frontline Cyber 08/23/24: A Weekly Recap

Take a look at the 5 major events that occurred this week ?

① ?? Google Chrome Patch Fixes Critical Flaw Exploited in the Wild

Google has released a critical update to address a severe security flaw in Chrome, tracked as CVE-2024-7971. This vulnerability, identified by Microsoft on August 19, 2024, involves a type confusion issue in the V8 JavaScript and WebAssembly engine. Exploiting this flaw can lead to heap corruption via a specially crafted HTML page.

The flaw is actively exploited in the wild, although specific attack details and threat actor information remain undisclosed. This latest patch is part of a series of fixes for type confusion bugs in V8 this year, following similar vulnerabilities CVE-2024-4947 and CVE-2024-5274.

Users are advised to update to Chrome version 128.0.6613.84 or .85 for Windows and macOS, and version 128.0.6613.84 for Linux. Additionally, users of other Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi should apply relevant updates as they become available.

?? Source

② ?? Critical Backdoor Vulnerability Exposed in Millions of RFID Cards, Making Them Vulnerable to Rapid Cloning

Quarkslab, a French security firm, has uncovered a critical security vulnerability in contactless RFID cards manufactured by Shanghai Fudan Microelectronics Group. The flaw affects millions of cards used for access control in offices and hotels globally. Philippe Teuwen from Quarkslab discovered that these cards, including the FM11RF08S variant introduced in 2020, contain a backdoor that allows for easy and rapid cloning with just a few minutes of physical access.

The FM11RF08S was intended to counter previous security issues with MIFARE Classic cards, but Teuwen identified a hardware backdoor that provides unauthorized access to all user-defined keys on these cards. This vulnerability extends to various models from Fudan and other manufacturers, posing a significant risk to card-based security systems worldwide. Quarkslab urges organizations to urgently assess and secure access control systems to mitigate potential threats.

?? Source

③ ?? Microchip Technology’s Facilities Disrupted by Weekend Cyberattack

American chipmaker Microchip Technology Incorporated reported a cyberattack that disrupted its operations over the weekend. Based in Chandler, Arizona, the company serves approximately 123,000 customers across various industries, including automotive, aerospace, defense, and communications.

The attack, discovered on August 17, 2024, led to significant interruptions at several of its manufacturing facilities, causing reduced production capacity and delays in order fulfillment. Microchip Technology responded by shutting down and isolating affected IT systems to manage the situation. They are currently working with external cybersecurity experts to assess the breach's full impact and restore normal operations.

The exact nature of the attack remains unclear, though it is suspected to involve ransomware. As of now, no ransomware group has claimed responsibility. The company has not yet determined the potential financial impact of the incident.

?? Source

④ ? HHS Takes Stand Against Surge in Healthcare Cyberattacks with New Security Measures

To combat the growing threat of cyberattacks on the healthcare sector, the Department of Health and Human Services (HHS) has implemented several key strategies. Last year, ransomware attacks on U.S. healthcare organizations spiked by 128%, with 258 incidents reported in 2023 compared to 113 in 2022.

In response, HHS has introduced healthcare-specific Cybersecurity Performance Goals (CPGs) and launched a dedicated cybersecurity gateway website, HHScyber.gov. The CPGs, released earlier this year, focus on crucial areas such as multi-factor authentication, managing third-party supply chain risks, and developing incident response plans. The HHScyber.gov site aims to streamline how healthcare providers can interact with government resources on cybersecurity and is being enhanced to better support the CPGs.

Preventive measures are also being emphasized, including maintaining strong backup systems, utilizing paper-based records during EHR disruptions, and training clinicians in manual record-keeping. Additionally, HHS is exploring the use of "pop-up" EHR systems that could enable faster data recovery and continuity of care in the event of a cyberattack.

HHS collaborates with the FBI, Department of Defense, and Cybersecurity and Infrastructure Security Agency to improve incident response and disrupt cyber threats, reinforcing its commitment to safeguarding the healthcare sector against escalating cyber risks.

?? Source

⑤ ?? FBI and CISA Assure Safe Voting Amid Ransomware Concerns for 2024

On August 15, the FBI and CISA released a public service announcement reassuring the public about the security of the 2024 election cycle amid concerns about ransomware attacks. They clarified that while ransomware could cause temporary delays in state or local government networks, it is highly unlikely to affect the integrity or accuracy of voting systems. The announcement highlighted the effectiveness of comprehensive security measures, which include technological, physical, and procedural safeguards, in protecting election infrastructure. FBI’s Cynthia Kaiser and CISA’s Cait Conley emphasized that combating ransomware remains a top priority and assured that current security protocols are robust enough to prevent any impact on vote casting and tabulation. They also warned against disinformation efforts aimed at undermining confidence in the electoral process, reaffirming their commitment to maintaining the integrity of the elections and public trust.

?? Source

Connect with us! ??

Follow us on LinkedIn

Subscribe to our Weekly Newsletter

Have an inquiry? Contact Us