Essential Cyber Intel Brief: 11/14/2024
No one has time to sift through dozens of websites for critical cybersecurity insights. That’s why I developed a better solution-it’s automated, curated, and absolutely free.
Get the critical updates you need as a cybersecurity professional or business leader without the time drag or hassle.
Designed for efficiency, my custom program pinpoints the most critical cybersecurity events security professionals and business leaders need to know. I publish them every business day at 9 AM CT for you.
In just one to two minutes, you’ll determine if the latest cybersecurity developments require further attention, allowing you to stay informed without losing valuable time.
Subscribe to receive automated notifications and stay ahead of critical developments - no spam, just concise, relevant updates delivered directly to your inbox.
You can connect with me on LinkedIn and join my professional network.
11/14/2024 — New Cybersecurity Updates
US govt officials’ communications were compromised in a recent telecom hack — CISA and the FBI confirmed that Chinese hackers compromised the “private communications” of a “limited number” of government officials after breaching multiple U.S. broadband providers. Source
Leaked info of 122 million linked to B2B data aggregator breach — The business contact information for 122 million people circulating since February 2024 is now confirmed to have been stolen from a B2B demand generation platform. Source
Microsoft patches Windows zero-day exploited in attacks on Ukraine — Suspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities. Source
US indicts Snowflake hackers who extorted $2.5 million from 3 victims — The Department of Justice has unsealed the indictment against two suspected Snowflake hackers, who breached more than 165 organizations using the services of the Snowflake cloud storage company. Source
Critical bug in EoL D-Link NAS devices now exploited in attacks — Attackers now target a critical severity vulnerability with publicly available exploit code that affects multiple models of end-of-life D-Link network-attached storage (NAS) devices. Source
New ShrinkLocker ransomware decryptor recovers BitLocker password — Bitdefender has released a decryptor for the ‘ShrinkLocker’ ransomware strain, which uses Windows’ built-in BitLocker drive encryption tool to lock victim’s files. Source
Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws — Today is Microsoft’s November 2024 Patch Tuesday, which includes security updates for 89 flaws, including four zero-days, two of which are actively exploited. Source
New RustyAttr Malware Targets macOS Through Extended Attribute Abuse — Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr. Source
Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails — A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. Source
Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims — Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. Source
NIST Explains Why It Failed to Clear CVE Backlog — NIST says all known exploited CVEs in the backlog have been addressed but admitted that clearing the entire backlog by October was optimistic. Source
Unpatched Flaw in Legacy D-Link NAS Devices Exploited Days After Disclosure — Exploitation attempts targeting CVE-2024–10914, a recently disclosed ‘won’t fix’ vulnerability affecting outdated D-Link NAS devices. Source
Citrix, Cisco, Fortinet Zero-Days Among 2023's Most Exploited Vulnerabilities — Most of the top frequently exploited vulnerabilities in 2023 were initially exploited as zero-days, according to data from government agencies. Source
Chinese Hackers Target Tibetan Websites in Malware Attack, Cybersecurity Group Says — A hacking group believed to be Chinese state-sponsored has compromised two websites with ties to the Tibetan community in an attack meant to install malware on computers. Source
DemandScience by Pure Incubation — 121,796,165 breached accounts — In early 2024, a large corpus of data from DemandScience (a company owned by Pure Incubation), appeared for sale on a popular hacking forum. Later attributed to a leak from a decommissioned legacy system, the breach contained extensive data that was largely business contact information aggregated from public sources. Specifically, the data included 122M unique corporate email addresses, physical addresses, phone numbers, employers and job titles. It also included names and for many individuals, a link to their LinkedIn profile. Source
Get notified when I publish new articles so you don’t miss out on the latest cybersecurity updates. I never share your email address, and your subscription only sends you notifications when I publish new articles.
Copyright: Copyright © 2024 Tim Layton & Associates, LLC. All rights reserved. All information and content on this website are protected by copyright and may not be reproduced, distributed, or transmitted in any form without prior written permission from Tim Layton & Associates, LLC.
Originally published at https://timlaytonllc.com on November 14, 2024.
