Cybersecurity Weekly: Windows SMB Flaw, Intel vulnerability, mobile banking risk
A new critical vulnerability affects Windows SMB protocol. Intel CPUs are vulnerable to new SGAxe and CrossTalk side-channel attacks. The FBI says a sudden increase in mobile banking is heightening risks for users. All this, and more, in this week’s edition of Cybersecurity Weekly.
Top Security Awareness Posters
1. A new critical vulnerability affects Windows SMB protocol
Last week, cybersecurity researchers uncovered a new critical vulnerability affecting the Server Message Block protocol that could allow attackers to leak kernel memory remotely, and when combined with a previously disclosed wormable bug, the flaw can be exploited to achieve remote code execution attacks.
Read more »
2. Intel CPUs vulnerable to new SGAxe and CrossTalk side-channel attacks
Cybersecurity researchers discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments. One of the flaws is an evolution of the previously uncovered CacheOut attack that allows an attacker to retrieve the contents from the CPU's L1 Cache.
Read more »
3. FBI says sudden increase in mobile banking is heightening risks for users
A recent surge in the use of mobile banking apps in the US prompted the FBI to warn smartphone users to be on the lookout for increased mobile malware and fake apps. In a recent public service announcement, the FBI’s ICCC indicated a 50% increase in mobile banking since the beginning of the year.
Read more »
4. Honda forced to temporarily suspend global production after cyberattack
Honda staff across the world were unable to access their laptops following a cyberattack that forced the company to temporarily suspend production. While the majority of its production was back online later in the week, production plants in Brazil, India, Turkey and the US took longer to re-open.
Read more »
5. A bug in Facebook Messenger for Windows could've helped malware gain persistence
Cybersecurity researchers disclosed details of a vulnerability they recently discovered in the Facebook Messenger application for Windows. The vulnerability could allow attackers to leverage the app to potentially execute malicious files already present on a compromised system in an attempt to help malware gain persistent and extended access.
Read more »
6. Fortune 500 insurance firm Genworth discloses data breach
Fortune 500 insurance holding company Genworth Financial disclosed a data breach after an unauthorized party gained access to insurance agents' online accounts using compromised login credentials. The attackers were able to access online documents that contained client information, including names, financial information, social security numbers and signatures.
Read more »
7. City of Knoxville shuts down network after ransomware attack
The City of Knoxville was forced to shut down its entire computer network following a ransomware attack that targeted the city's offices. Computers on Knoxville's network were encrypted overnight, with the attack being noticed by employees of the city's fire department around 4:30 AM, June 11.
8. Hackers leverage Saltbox flaw to breach LineageOS, Ghost and DigiCert servers
Just days after cyber security researchers brought attention to two critical vulnerabilities in the SaltStack configuration framework, hackers exploited the flaws to breach the servers of LineageOS, Ghost and DigiCert. Researchers warned that any competent hacker could create 100% reliable exploits related to the issues in 24 hours or less.
Read more »
9. Power company Enel Group suffers Snake Ransomware attack
European energy company giant Enel Group suffered a ransomware attack a few days ago that impacted its internal network. Detected on June 7, the incident is the work of EKANS ransomware operators, the group that also targeted Honda earlier this week. All connectivity was safely restored early Monday morning.
Read more »
Phishing simulations & training
10. IT company hired to hack politicians, investors, journalists worldwide
A team of cybersecurity researchers today outed a little-known IT firm that has been operating as a global hacker-for-hire service or hacking-as-a-service platform. Based in Delhi, BellTroX InfoTech allegedly targeted thousands of high-profile individuals and hundreds of organizations across six continents in the last seven years.
Read more »
In this Series
- Cybersecurity Weekly: Windows SMB Flaw, Intel vulnerability, mobile banking risk
- Canada Flipper Zero ban and new RustDoor macOS malware
- AnyDesk hack and iPhone patched kernel flaw
- Tesla Pwn2Own hacks and iOS push alerts abuse
- TeamViewer breach and Atlassian Jira outage
- Moscow ISP revenge hack and Microsoft Sharepoint bug warning
- X verified accounts hack and SpectralBlur macOS malware
- CISA default password alert and SOHO KV-botnet campaign
- New 5G modem flaws and Apple’s data breach report
- Staples cyberattack, Agent Racoon backdoor and other news
- British Library ransomware attack, Windows fingerprint authentication bypass
- Samsung UK data breach and ransomware actor’s SEC complaint
- ICBC ransomware attack and ChatGPT outage
- Boeing Lockbit ransomware attack, Apple’s vulnerability and WhatsApp mods spyware
- Octo Tempest hacking group and new iLeakage attack
- Okta support system breach and Google Ads fake KeePass campaign
- Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning
- 23andMe data theft, MGM’s $100M ransomware loss and the Azure VM breach
- Malicious Bing Chat ads and FBI’s dual ransomware warning
- T-Mobile app glitch and fake Booking.com pages
- Airbus data leak, Cisco Webex ad malware and €345 million TikTok fine
- New Apple iMessage exploit and CISA’s Apache RocketMQ warning
- Forever 21 data breach and Android BadBazaar espionage
- Duolingo data leak and the Met Police IT hack
- Discord.io data breach and Ivanti Avalanche vulnerabilities
- UK Electoral Commission hack and Microsoft’s role in China email breach
- Salesforce email zero-day exploit and Microsoft Power Platform criticism
- Airlines disclose pilot data breach and the Microsoft Teams bug
- GravityRAT Android Trojan and new MOVEit Transfer flaw
- University of Manchester hack and Honda API flaws
- MOVEit zero-day exploit and the U.S. iPhone hack accusation
- Daam Android virus and Barracuda zero-day flaw
- TP-Link router exploit and 18-year-old charged with hacking DraftKings accounts
- Discord support hack and Toyota location data leak
- Twitter private tweets bug and Cisco phone router vulnerabilities
- Cisco XSS zero-day flaw and PaperCut vulnerabilities
- 3CX hackers hit critical infrastructure and secondhand routers cause security concerns
- Hyundai data breach and Microsoft’s warning to accountants
- Western Digital cloud breach and the MSI ransomware hack
- TMX loan data breach, Italy bans ChatGPT and WordPress Elementor Pro exploit
- ChatGPT data leak and Gmail message theft by North Korean hackers
- U.S. federal agency hack and the return of FakeCalls Android malware
- Massive AT&T data breach and fake jobs targeting security researchers
- U.S. Marshals service breach and TPM 2.0 security flaws
- Dangerous ChatGPT apps and food giant Dole ransomware attack
- GoDaddy malware installations, record-breaking DDoS attack and the new WhiskerSpy malware
- Reddit’s employees phished, healthcare firms targeted and the new Screenshotter malware
- JD Sports data breached, VMware ESXi servers attacked and the HeadCrab malware
- Yandex source code leaked, 4500+ WordPress sites hacked and the new SwiftSlicer malware
- PayPal accounts breached, Fortinet VPN flaw exploited, and the new Hook malware
- Twitter users’ emails leaked, ChatGPT used to write malware and Slack’s repository breach
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
