Latest News Articles



--- TLP:WHITE ---

News

− TeamViewer Detects Security Breach in Corporate IT Environment

TeamViewer on Thursday disclosed it detected an "irregularity" in its internal corporate IT environment on June 26, 2024. "We immediately activated our response team and procedures, started investigations together with a team of globally renowned cyber security experts and implemented necessary remediation measures," the company said in a statement.

https://www.teamviewer.com/en-us/resources/trust-center/statement/

− Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack

Shockwaves from the Russian government's hack of Microsoft's corporate infrastructure continue to spread as the victim pool widens.

https://www.securityweek.com/microsoft-alerts-more-customers-to-email-theft-in-expanding-midnight-blizzard-hack/

− Google Disrupts More China-Linked Dragonbridge Influence Operations

In its ongoing battle with the China-linked Dragonbridge threat actor, Google continues to disrupt YouTube and Blogger activity conducted by the threat actor group. The social media activity is associated with Dragonbridge’s influence operations, which have been ongoing since 2019.

https://blog.google/threat-analysis-group/google-disrupted-dragonbridge-activity-q1-2024/

− Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware

A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP

− How MFA Failures are Fueling a 500% Surge in Ransomware Losses

The cybersecurity threat landscape has witnessed a dramatic and alarming rise in the average ransomware payment, an increase exceeding 500%. Sophos, a global leader in cybersecurity, revealed in its annual "State of Ransomware 2024" report that the average ransom payment has increased 500% in the last year with organizations that paid a ransom reporting an average payment of $2 million,

https://thehackernews.com/2024/07/how-mfa-failures-are-fueling-500-surge.html

Vulnerabilities

− Siemens Sicam Vulnerabilities Could Facilitate Attacks on Energy Sector

In May, Siemens informed customers of new updates containing patches for vulnerabilities: one medium-severity and two high-severity flaws. According to Siemens, the vulnerabilities have the potential to be exploited in attacks targeting the energy sector.

https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-siemens-power-automation-products-cp-8000-cp-8021-cp8-022-cp-8031-cp-8050-sicore/

− Hackers exploit critical D-Link DIR-859 router flaw to steal passwords

Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords.

https://www.greynoise.io/blog/perma-vuln-d-link-dir-859-cve-2024-0769/

− Critical Vulnerability exists in Juniper Networks Session Smart Router, Session Smart Conductor and WAN Assurance Router

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or Conductor running with a redundant peer allows a network-based attacker to bypass authentication and take full control of the device.

https://www.ncsc.gov.ie/pdfs/Juniper_SSR_Vulnerability_CVE_2024_2973.pdf

− Critical Vulnerability exists in VMware ESXi, vCenter Server, VMware Cloud Foundation

VMware ESXi contains an authentication bypass vulnerability.

https://www.ncsc.gov.ie/pdfs/Critical_Vulnerability_exists_in_VMware_ESXi.pdf

− Critical Remote Unauthenticated Code Execution Vulnerability in OpenSSH

The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) on glibc-based Linux systems.

https://www.ncsc.gov.ie/pdfs/2407010161_Critical_Vulnerability_OpenSSH.pdf

− Critical Vulnerability exists in Progress MOVEit Gateway

Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.

https://www.ncsc.gov.ie/pdfs/Progress_MOVEit_Vulnerability_CVE_2024_5805.pdf

Community News

− Microsoft Details ‘Skeleton Key’ AI Jailbreak Technique

Microsoft has tricked several gen-AI models into providing forbidden information using a jailbreak technique named Skeleton Key.

https://www.securityweek.com/microsoft-details-skeleton-key-ai-jailbreak-technique/

--- TLP:WHITE ---