Weekly Cybersecurity Digest: Top 5 News Stories in the Digital Sphere

1. Security Researcher Exploits Flaw in Kraken Exchange, Steals $3 Million

The world of cryptocurrency security was shaken last week by a clash between a security researcher (or group) and crypto exchange Kraken. The researcher exploited a critical flaw in Kraken's platform to steal $3 million in digital assets. While Kraken patched the issue quickly and claims no customer funds were affected, the incident raises concerns about exchange security and responsible vulnerability disclosure.

Key Points:

  • A security researcher exploited a flaw in Kraken to steal $3 million.
  • Kraken patched the issue but considers this a criminal case.
  • Blockchain security firm CertiK claims responsibility for the breach, stating they were researching the flaw and did not steal user funds.
  • CertiK disputes Kraken's claims of extortion and unreasonable repayment demands.


2. UEFI Vulnerability Affects Multiple Intel CPUs

Researchers discovered a critical vulnerability (CVE-2024-0762) in Phoenix SecureCore UEFI firmware, impacting various Intel Core processors (Alder Lake to Tiger Lake). This flaw allows attackers to escalate privileges and potentially execute malicious code at the highest level.

Key Points:

  • The vulnerability resides in the Trusted Platform Module (TPM) configuration of the UEFI firmware.
  • It grants local attackers persistence within the system, potentially bypassing higher-level security measures.
  • Phoenix Technologies addressed the issue in April 2024, and PC maker Lenovo released updates as well.
  • Because UEFI firmware is the first code to run and runs with the highest privileges, it is a lucrative target for attackers.
  • This vulnerability can impact a vast range of devices due to its presence across multiple vendors and product lines.


3. Signal Foundation Sounds Alarm on EU's Proposed Private Message Scanning

The Signal Foundation, known for its privacy-centric messaging app, is raising concerns about a new European Union (EU) proposal. This plan would scan users' private messages to detect child sexual abuse material (CSAM).

Key Points:

  • Signal argues mandatory message scanning undermines end-to-end encryption (E2EE), a critical privacy protection measure.
  • The EU's proposed "upload moderation" would analyze messages before encryption, raising security vulnerability concerns.
  • Signal believes this weakens encryption for everyone, not just those suspected of illegal activity.
  • The debate reignites the tension between user privacy and law enforcement's need to combat CSAM.


4. ExCobalt Cyber Gang Targets Russia with GoRed Backdoor

Russian organizations across various sectors are under attack by ExCobalt, a cyberespionage group. The group is leveraging a new, custom-made backdoor called GoRed.

Key Points:

  • ExCobalt focuses on stealing information and has been active since at least 2016.
  • They target a broad range of Russian industries, including government and technology.
  • Their attacks are sophisticated, involving compromised contractors and supply chain infiltration.
  • GoRed, a Golang-based backdoor, grants extensive control to attackers, allowing them to steal credentials, monitor systems, and execute commands.
  • ExCobalt is adaptable, incorporating standard tools and modifying them to bypass security measures.


5. Beware of Fake Meta Quest App Downloads! New Adware Campaign Targets Users

Meta Quest (formerly Oculus) app seekers are at risk of downloading adware disguised as the legitimate application. This new campaign leverages a malicious program called AdsExhaust.

Key Points:

  • Fake website "oculus-app[.]com" appears in search results, tricking users into downloading an adware-laced archive.
  • AdsExhaust steals screenshots, injects clicks on ads, and gathers user information.
  • It can manipulate the Edge browser to open new tabs and simulate user interaction to generate ad revenue.
  • The campaign highlights the importance of caution when searching for software downloads.
