Essential Cyber Intel Brief: 10/29/2024

Tim Layton
Oct 29, 2024

No one has time to sift through dozens of websites for critical cybersecurity insights. That’s why I developed a better solution: it’s automated, curated, and absolutely free.

Get the critical updates you need as a cybersecurity professional or business leader without the time drag or hassle.

Designed for efficiency, my custom program pinpoints the most critical cybersecurity events security professionals and business leaders need to know. I publish them every business day at 9 AM CT for you.

In just one to two minutes, you’ll determine if the latest cybersecurity developments require further attention, allowing you to stay informed without losing valuable time.

I also have a dedicated page for 2024 cybersecurity breaches that you can review if you want to focus exclusively on cyber breach events and related information.

Subscribe to receive automated notifications and stay ahead of critical developments.

You can connect with me on LinkedIn and join my professional network.

10/29/2024 — New Cybersecurity Updates

Chinese Hackers Targeted Phones of Trump, Vance, and People Associated With Harris Campaign — Chinese hackers engaged in a broader espionage operation targeted cellphones used by Donald Trump, JD Vance, and the Kamala Harris campaign. Source

Russia targets Ukrainian conscripts with Windows, Android malware — A hybrid espionage/influence campaign conducted by the Russian threat group ‘UNC5812’ has been uncovered, targeting Ukrainian military recruits with Windows and Android malware. Source

Free, France’s second largest ISP, confirms data breach after leak — Free, a major internet service provider (ISP) in France, confirmed over the weekend that hackers breached its systems and stole customer personal information. Source

US says Chinese hackers breached multiple telecom providers — The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States. Source

Redline, Meta infostealer malware operations seized by police — The Dutch National Police seized the network infrastructure for the Redline and Meta infostealer malware operations in “Operation Magnus,” warning cybercriminals that their data is now in the hands of law enforcement. Source

Fog ransomware targets SonicWall VPNs to breach corporate networks — Fog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized access to resources on the SSL VPN feature of SonicWall SonicOS firewalls. Source

Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services — A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. Source

Cybersecurity news can sometimes feel like a never-ending horror movie, can’t it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your head spin. But don’t worry, we’re here to break it all down in plain English. Source

Russian Espionage Group Targets Ukrainian Military with Malware via Telegram — A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google’s Threat Analysis Group (TAG) and Mandiant are tracking the activity under the name UNC5812. Source

BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers — Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. Source

Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials — Cybersecurity researchers have warned of a spike in phishing pages created using a website builder tool called Webflow, as threat actors continue to abuse legitimate services like Cloudflare and Microsoft Sway to their advantage. Source

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel — A new attack technique could be used to bypass Microsoft’s Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. Source

Russia Targeting Ukrainian Military Recruits With Android, Windows Malware, Google Says – Google has uncovered a Russian cyberespionage and influence campaign targeting Ukrainian military recruits. Source

Four REvil Ransomware Group Members Sentenced to Prison in Russia – Four members of the REvil ransomware group, arrested in 2022, were last week sentenced to prison by a Russian court. Source

Copyright: Copyright © 2024 Tim Layton & Associates, LLC. All rights reserved. All information and content on this website are protected by copyright and may not be reproduced, distributed, or transmitted in any form without prior written permission from Tim Layton & Associates, LLC.

Originally published at https://timlaytonllc.com on October 29, 2024.
