Essential Cyber Intel Brief: 11/07/2024

Tim Layton
4 min read, Nov 7, 2024


No one has time to sift through dozens of websites for critical cybersecurity insights. That’s why I developed a better solution: it’s automated, curated, and absolutely free.

Get the important updates you need as a cybersecurity professional or business leader without the time drag or hassle.

Designed for efficiency, my custom program pinpoints the most critical cybersecurity events security professionals and business leaders need to know, and I publish them every business day at 9 AM CT for you.

In just one to two minutes, you’ll determine if the latest cybersecurity developments require further attention, allowing you to stay informed without losing your valuable time.

Subscribe to receive automated notifications and stay ahead of key developments. No spam, just concise, relevant updates delivered directly to your inbox.

You can connect with me on LinkedIn and join my professional network.

11/07/2024 — New Cybersecurity Updates

Hackers increasingly use Winos4.0 post-exploitation kit in attacks — Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps. Source

Cisco bug lets hackers run commands as root on URWB access points — Cisco has fixed a maximum severity vulnerability that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points that provide connectivity for industrial wireless automation. Source

New SteelFox malware hijacks Windows PCs using vulnerable driver — A new malicious package called ‘SteelFox’ mines for cryptocurrency and steals credit card data by using the “bring your own vulnerable driver” technique to get SYSTEM privileges on Windows machines. Source

Washington courts’ systems offline following weekend cyberattack — Court systems across Washington state have been down since Sunday when officials said “unauthorized activity” was detected on their networks. Source

Most Common Malware Techniques in 2024 — Tactics, techniques, and procedures (TTPs) form the foundation of modern defense strategies. Unlike indicators of compromise (IOCs), TTPs are more stable, making them a reliable way to identify specific cyber threats. Source

SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims — An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys information stealer since July 2024. Source

Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems — Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges. Source

VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware — An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. Source

Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps — Cybersecurity researchers are warning that a command-and-control (C&C) framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. Source

Cyberattack on Microlise Disables Tracking in Prison Vans, Courier Vehicles — Vehicle tracking services for Serco, DHL, and other fleets were disrupted after Microlise fell victim to a cyberattack. Source

22,000 IPs Taken Down in Global Cybercrime Crackdown — Over 22,000 malicious IPs were taken down in a law enforcement operation against phishing, infostealers, and ransomware. Source

Microchip Technology Reports $21.4 Million Cost From Ransomware Attack — Microchip Technology’s latest financial report reveals the company’s expenses due to the recent cybersecurity incident. Source

Cyberattack Blamed for Statewide Washington Courts Outage — Unauthorized activity was detected on the Washington courts network, which led to websites and other services becoming unavailable. Source

Ransomware Attack Disrupts Georgia Hospital’s Access to Health Records — Memorial Hospital and Manor’s access to its Electronic Health Record system was disrupted following a ransomware attack. Source

Earth 2 – 420,961 breached accounts — In October 2024, 421k unique email addresses from the virtual earth game Earth 2 were derived from embedded Gravatar images. The addresses appeared alongside player usernames; the root cause was related to how Gravatar presents links to avatars as MD5 hashes within consuming services, a feature Earth 2 advised has now been disabled on their platform. This incident did not expose any further personal information, passwords or financial data. Source

Copyright © 2024 Tim Layton & Associates, LLC. All rights reserved. All information and content on this website are protected by copyright and may not be reproduced, distributed, or transmitted in any form without prior written permission from Tim Layton & Associates, LLC.

Originally published at https://timlaytonllc.com on November 7, 2024.


Tim Layton

Cybersecurity Risk Analysis Using Python and Bayesian Statistics.