Weekly Roundup: Top Cybersecurity News Stories

Dive into The Hacker News' weekly cybersecurity digest — your indispensable source for staying ahead in the ever-evolving digital world. Our expertly curated collection of the most recent cybersecurity news and in-depth analyses ensures that you're armed with the knowledge needed to protect your digital territory confidently and efficiently.

Gear up to be informed, inspired, and empowered! And remember to share our newsletter with your friends, family, and coworkers. Together, let's work towards a safer, more secure digital future for everyone.

Cyber Security Webinar: First of all, I would like to draw your attention to one of our one-of-a-kind upcoming webinars that could transform the way you approach cybersecurity:

3 Proven Ways to Secure Your Identity Perimeter: Are you concerned about cybercriminals targeting your business and obtaining sensitive data? Traditional security measures are no longer enough to protect your company from these sophisticated attacks. It's time to focus on securing the identity perimeter. Join us for a webinar with Dor Dali, Cyolo's Head of Research and cybersecurity expert, as he shares his experiences and provides actionable solutions for securing your identity perimeter. Discover the advanced methods used by cybercriminals to bypass security measures and learn how Zero Trust Access is the best defense against today's most dangerous cyberattacks.

As the seats for both webinars are limited, I encourage you to register now to secure your spot. Don't miss out on this opportunity!

1 — Two Zero-Day Flaws Exploited by Hackers on iOS, iPadOS, macOS, and Safari Browser

Urgent security updates have been released for iOS, iPadOS, macOS, and the Safari web browser, addressing two zero-day flaws that are currently being exploited by hackers. These vulnerabilities could potentially lead to arbitrary code execution or allow an app to execute arbitrary code with kernel privileges, putting your personal data at risk. The updates are available now and span a wide range of devices. Google TAG has also revealed that spyware vendors are using zero-days in Android and iOS to infect mobile devices with surveillance malware. Don't wait any longer, update your devices now, and protect yourself from potential security breaches!

• Update your devices immediately: To protect your devices, promptly install the updates by going to Settings > General > Software Update on iOS or iPadOS, and System Preferences > Software Update on macOS.
• Enable automatic updates: On iOS and iPadOS, go to Settings > General > Software Update > Customize Automatic Updates, and toggle on "Download iOS updates" and "Install iOS updates." On macOS, navigate to System Preferences > Software Update, and check the box for "Automatically keep my Mac up to date."
• Practice caution with downloads: Only download apps and software from trusted sources, such as the Apple App Store. Be cautious about downloading attachments or clicking on links in emails, even if they appear to be from legitimate sources.

2 — 3CX Supply Chain Attack — Experts Warn of Widespread Impact

Multiple versions of the 3CX desktop app for Windows and macOS, an enterprise communications software, have been affected by a supply chain attack, possibly involving a compromise of the company's software build pipeline or poisoning of an upstream dependency. The ultimate goal may have been to infect targets with a modular backdoor, although it is uncertain how successful the attack was. Sophos linked the attack to the Lazarus Group, while Kaspersky observed a second-stage implant targeting a small number of cryptocurrency companies, suggesting the group's involvement. Google has prohibited downloads of the MSI installer files via Chrome, and 3CX has urged customers to update to version 18.12.422.

• Update 3CX software immediately
• Monitor network activity and devices
• Use reputable security software
• Develop an incident response plan

3 — Massive Cybercrime Marketplace Genesis Market Shut Down by Joint International Operation

Buckle up, folks, because a joint international law enforcement operation has taken down the infamous Genesis Market, an illegal online marketplace specializing in stolen credentials. The unprecedented crackdown has resulted in 119 arrests and 208 property searches in 13 nations, involving authorities from 17 countries. This is a huge win in the fight against cybercrime, as Genesis Market offered access to data stolen from over 1.5 million compromised computers worldwide, with over 80 million credentials up for grabs. Account access credentials sold on the site included those connected to the financial sector, critical infrastructure, and federal, state, and local government agencies. This coordinated international effort is sure to have a ripple effect throughout the underground economy as cybercriminals look for alternatives to fill the void left by Genesis Market.

• Use strong, unique passwords for each account
• Enable multi-factor authentication (MFA)
• Stay updated on security patches and software updates
• Educate yourself and others about phishing attacks
• Regularly monitor accounts and credit reports

4 — Microsoft Takes Legal Action to Stop Cybercriminals Using Illegal Cobalt Strike Copies

Microsoft has joined forces with Fortra and Health Information Sharing and Analysis Center to combat the misuse of Cobalt Strike by cybercriminals, which has been instrumental in distributing malware and ransomware. The Digital Crimes Unit of Microsoft revealed that it obtained a court order in the United States to remove illegal copies of Cobalt Strike so that cybercriminals could no longer use them. Although Cobalt Strike is a legitimate tool, unauthorized cracked versions have been weaponized by threat actors. The use of legacy copies of Cobalt Strike and compromised Microsoft software will be disrupted to prevent future attacks and force adversaries to change their tactics. This move comes after Google Cloud identified 34 different hacked versions of the tool in the wild in an attempt to make it harder for bad actors to exploit it.

• Regularly monitor and review access logs
• Install and update antivirus and anti-malware software
• Conduct cybersecurity training and awareness programs
• Develop and maintain an incident response plan

5 — Your Linux, Android, and iOS Devices Could be Vulnerable to New Wi-Fi Flaw

A recently discovered security flaw in the widely used IEEE 802.11 Wi-Fi protocol standard could leave Linux, FreeBSD, Android, and iOS devices vulnerable. Researchers from Northeastern University and KU Leuven identified the flaw, which allows attackers to hijack TCP connections, intercept client and web traffic, and execute denial-of-service attacks by exploiting power-save mechanisms in endpoint devices. Cisco has acknowledged that its Wireless Access Point and Meraki products with wireless capabilities may be vulnerable. The researchers advise implementing TLS encryption to protect data in transit and policy enforcement mechanisms to restrict network access. This flaw is only the latest in a series of attacks on the 802.11 protocol that endanger users.

• Update your devices and software: Regularly check for firmware and software updates for your devices, routers, and access points.
• Restrict network access and monitor network traffic for signs of intrusion
• Implement encryption protocols and enable strong authentication methods

6 — Android App Developers Required to Offer Easy Account Deletion Option

Android app developers are now required by Google to provide an easy-to-use account deletion option in their apps and online. This is part of Google's aim to offer users more transparency and control over their data. Developers must delete all associated data upon users' request to delete their accounts. If a developer wishes to retain specific data for legitimate reasons, they must disclose such practices upfront. The new policy, which takes effect early next year, brings Android in line with Apple's iOS and iPadOS. However, it is unclear if any enforcement actions will be taken if a developer fails to comply with the new rules.

• Limit the amount of personal and sensitive information shared on apps and online platforms.
• Regularly review and revoke permissions granted to apps, especially for accessing personal data.
• Vet apps before downloading and granting permissions, ensuring they come from reputable developers and sources.

As we conclude another week of cybersecurity news, it's evident that the digital threat landscape is constantly evolving. The need for heightened security measures has never been greater.

Before we wrap up, we challenge you to spread awareness about digital security best practices to your friends, family, and colleagues. Share this newsletter and other reputable sources of cybersecurity news with your networks. Most importantly, take proactive steps to safeguard your online presence.

Remember, cybersecurity is not limited to large corporations and government institutions; it affects us all. However, armed with knowledge, awareness, and a determination to act, we can make a significant impact in the fight against cybercrime.

Thank you for being a part of our community, and we look forward to continuing our collaboration in building a safer and more secure digital world.