Cyber News - 30/01/2024

Your Cyber News of the day! "Be Cyber Smart, Be Cyber Secure."

New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility

Description:

Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022. A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month.

Date: Tue, 30 Jan 2024

Source: https://thehackernews.com/2024/01/new-zloader-malware-variant-surfaces.html


Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws

Description:

Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems.

The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS. Two other shortcomings, CVE-2023-36846 and CVE-2023-36851, were previously disclosed by the company in August 2023.

  • CVE-2024-21619 (CVSS score: 5.3) - A missing authentication vulnerability that could lead to exposure of sensitive configuration information

  • CVE-2024-21620 (CVSS score: 8.8) - A cross-site scripting (XSS) vulnerability that could lead to the execution of arbitrary commands with the target's permissions by means of a specially crafted request

Date: Tue, 30 Jan 2024

Source: https://thehackernews.com/2024/01/juniper-networks-releases-urgent-junos.html


Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

Description:

A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file.

The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023.

Date: Mon, 29 Jan 2024

Source: https://thehackernews.com/2024/01/researchers-uncover-outlook.html


PoC Exploits Heighten Risks Around Critical New Jenkins Vuln

Description:

Some 45,000 Internet-exposed Jenkins servers remain unpatched against a critical, recently disclosed arbitrary file-read vulnerability for which proof-of-exploit code is now publicly available.

CVE-2024-23897 affects the built-in Jenkins command line interface (CLI) and can lead to remote code execution on affected systems. The Jenkins infrastructure team disclosed the vulnerability and released updated software on Jan. 24.

Date: Mon, 29 Jan 2024

Source: https://www.darkreading.com/vulnerabilities-threats/poc-exploits-heighten-risks-around-critical-new-jenkins-vuln


SolarWinds Files Motion to Dismiss SEC Lawsuit

Description:

Responding to SEC charges, SolarWinds fired back with a detailed defense of how a Russian-backed cyber espionage attack on its system was handled.

Date: Mon, 29 Jan 2024

Source: https://www.darkreading.com/cyber-risk/solarwinds-files-motion-to-dismiss-sec-lawsuit


Iran's 'Cyber Centers' Dodge Sanctions to Sell Cyber Operations

Description:

Networks of Iranian officials and cyber-offensive specialists have created a variety of cybersecurity contractors in an attempt to dodge sanctions, according to leaked documents.

Date: Mon, 29 Jan 2024

Source: https://www.darkreading.com/vulnerabilities-threats/iran-cyber-centers-dodge-sanctions-sell-cyber-operations


New Jersey School District Shut Down by Cyberattack

Description:

On Sunday night, Freehold Township district officials notified staff and parents that school would not be in session Monday due to technical difficulties caused by a cyber incident.

Date: Mon, 29 Jan 2024

Source: https://www.darkreading.com/vulnerabilities-threats/freehold-township-district-closes-due-to-cyber-incident


Top 3 Data Breaches of 2023, and What Lies Ahead in 2024

Description:

Take a look at last year's most impactful data breaches and what companies can do to protect themselves going forward.

Date: Mon, 29 Jan 2024

Source: https://www.darkreading.com/cyberattacks-data-breaches/top-3-data-breaches-2023-what-lies-ahead-2024


Keenan warns 1.5 million people of data breach after summer cyberattack

Description:

Keenan & Associates is sending notices of a data breach to 1.5 million customers, warning that hackers accessed their personal information in a recent cyberattack.

Keenan is a California-based insurance brokerage and consulting firm with an established presence in the education, healthcare, and public agencies sectors. Since 2017, it has been part of AssuredPartners NL, one of the largest brokerage firms in the U.S.

Date: Mon, 29 Jan 2024

Source: https://www.bleepingcomputer.com/news/security/keenan-warns-15-million-people-of-data-breach-after-summer-cyberattack/


45k Jenkins servers exposed to RCE attacks using public exploits

Description:

Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2024-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation.

Jenkins is a leading open-source automation server for CI/CD, allowing developers to streamline the building, testing, and deployment processes. It features extensive plugin support and serves organizations of various missions and sizes.

Date: Mon, 29 Jan 2024

Source: https://www.bleepingcomputer.com/news/security/45k-jenkins-servers-exposed-to-rce-attacks-using-public-exploits/


Energy giant Schneider Electric hit by Cactus ransomware attack

Description:

Energy management and automation giant Schneider Electric suffered a Cactus ransomware attack leading to the theft of corporate data, according to people familiar with the matter.

BleepingComputer has learned that the ransomware attack hit the company's Sustainability Business division earlier this month on January 17th.

Date: Mon, 29 Jan 2024

Source: https://www.bleepingcomputer.com/news/security/energy-giant-schneider-electric-hit-by-cactus-ransomware-attack/


Microsoft says Outlook apps can’t connect to Outlook.com

Description:

Microsoft is investigating an issue that prevents Outlook and other email clients from connecting when using an Outlook.com account.

"Since starting around 1/23/24 users have reported issues connecting with Outlook 2013, Outlook 2016, Outlook for Microsoft 365, Thunderbird, and mobile email apps when connecting with POP, IMAP, and Exchange connections," Microsoft says.

Date: Mon, 29 Jan 2024

Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-says-outlook-apps-cant-connect-to-outlookcom/


Ransomware payments drop to record low as victims refuse to pay

Description:

The number of ransomware victims paying ransom demands has dropped to a record low of 29% in the final quarter of 2023, according to ransomware negotiation firm Coveware.

This trend became apparent in mid-2021 when the payment rate dropped to 46% after previously being 85% at the start of 2019.

Date: Mon, 29 Jan 2024

Source: https://www.bleepingcomputer.com/news/security/ransomware-payments-drop-to-record-low-as-victims-refuse-to-pay/


DHS employees jailed for stealing data of 200K U.S. govt workers

Description:

Three former Department of Homeland Security (DHS) employees were sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees.

The three individuals are Charles K. Edwards, a former Acting Inspector General of the DHS Office of Inspector General (DHS-OIG), sentenced to 1.5 years in prison; Sonal Patel, a member of the department IT staff, sentenced to 2 years of probation; and Murali Y. Venkata, also from the IT department, sentenced to 4 months in prison.

Date: Mon, 29 Jan 2024

Source: https://www.bleepingcomputer.com/news/security/dhs-employees-jailed-for-stealing-data-of-200k-us-govt-workers/


Microsoft Teams hit by second outage in three days

Description:

Microsoft is investigating a second outage affecting Microsoft Teams users across North and South America in the last three days.

Affected customers again report having connectivity issues and experiencing delays when sending and receiving messages in mobile and desktop Teams clients.

Date: Mon, 29 Jan 2024

Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-hit-by-second-outage-in-three-days/

