🚨 Cyber Alerts
- Microsoft reports that the Iranian APT33 cyber-espionage group is using the newly discovered FalseFont backdoor malware to target individuals in the Defense Industrial Base sector worldwide.
- UAC-0099, a threat actor linked to attacks against Ukraine, exploits a WinRAR flaw to deliver the LONEPAGE malware.
- A malicious plugin injected into a WordPress/WooCommerce website creates a fake administrator user and injects credit card skimming JavaScript into the website’s checkout page.
- OpenAI has deployed a partial fix for a data leak flaw in ChatGPT discovered by a researcher. The flaw involves a technique to exfiltrate data from ChatGPT, potentially leaking conversation details to an external URL.
- ESET has fixed a high-severity vulnerability in its Secure Traffic Scanning Feature that could have allowed attackers to make web browsers trust sites using certificates signed with outdated and insecure algorithms.
💥 Cyber Incidents
- Ukrainian hacker group Blackjack allegedly targeted Russian water utility Rosvodokanal in a cyberattack, erasing over 50 terabytes of data.
- First American Financial Corporation has fallen victim to a cyberattack, prompting the temporary shutdown of certain systems to contain the impact.
- Australia’s largest not-for-profit health and aged care provider, St Vincent’s, has confirmed a cyberattack that resulted in the theft of some data.
- The dark web marketplace BidenCash, known for trading stolen credit cards, has released 1.9 million credit cards for free as a promotional strategy to lure cybercriminals.
- A hospital near Kansas City, Missouri, faced significant disruptions after a cyberattack limited its computer systems.
📢 Cyber News
- The FTC has unveiled proposed changes to the Children’s Online Privacy Protection Rule, introducing new measures to safeguard children’s personal information and limit companies’ ability to monetize such data.
- The National Institute of Standards and Technology has highlighted the escalating privacy and security risks associated with the widespread use of genomic data.
- Cisco plans to acquire Isovalent, an open-source cloud-native networking and security company, to enhance its secure networking capabilities and services.
- Microsoft has announced the deprecation of Defender Application Guard for Edge for Business users.
- Analysis of the Predator spyware reveals a reboot-persistence feature, offered depending on licensing options, that allows it to survive on infected Android systems.