Security Bulletin

CyberScoop reports that House lawmakers have been urged by IT, banking, and oil and natural gas industry representatives to streamline cybersecurity regulations amid the presence of duplicative, inconsistent, and conflicting rules.

Investigation into the incident, which may have been caused by a successful phishing attack, is still underway, reported officials, who noted that the recovery of impacted law enforcement systems is being prioritized.

Such a vulnerability stems from impacted devices' usage of an American Megatrends International-generated Platform Key with the "DO NOT TRUST" tag that the vendors should have replaced, according to a report from the Binarly Research Team.

Information exposed by the hacking incident revealed not only all devices infected with Spytech spyware, most of which were Windows PCs, but also their unencrypted activity logs.

Identification of the critical arbitrary code execution bugs, tracked as CVE-2024-4879 and CVE-2024-5217, as well as the medium severity flaw, tracked as CVE-2024-5178, has been followed by widespread network scanning for vulnerable instances.

Intrusions involved the use of the domain, crowdstrike-office365[.]com, to lure users into downloading a recovery tool purportedly addressing update-related boot loop issues but delivers a malware loader.

Attacks against defense and government organizations worldwide have enabled APT45 to steal information regarding missiles and missile defense systems, nuclear power plants, radar systems, fighter aircraft and unmanned aerial vehicles, and satellites...

Ransoms extorted by Rim and his co-conspirators from healthcare providers across the U.S. have been leveraged to support additional attacks against the country's government organizations and foreign defense contractors.

Some simple PowerShell scripts might deliver nasty content if executed by the target. I found a very simple one (with a low VT score of 8/65):

Authorities expect even more API attacks on businesses working the Summer Olympics in Paris this year – here’s how to mitigate the impact.

A 2024. 30. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2024.07.19. és 2024.07.25. között kezelt incidensek statisztikai adatait is tartalmazza.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.