With every passing day there are new cybersecurity events that have the potential to impact you or your company. We have rounded up five top cybersecurity news stories to help keep you up to date with cybersecurity issues around the world, from acts of espionage to simple code errors that could leak your private data.
Here are our top five news stories from the past week:
1. TeamTNT’s Silentbob Botnet Infecting 196 Hosts in Cloud Attack Campaign
The TeamTNT hacking group has launched an aggressive cloud campaign named Silentbob, infecting up to 196 hosts. The botnet targets Docker and Kubernetes environments, various servers and applications, aiming to infiltrate systems rather than deploy cryptominers. Aqua Security researchers note that the campaign uses a larger attack infrastructure than previously identified, deploying rogue container images, stealing credentials, and using legitimate tools for reconnaissance. Tsunami malware connects infected hosts to a command-and-control server via the Internet Relay Chat protocol, maintaining backdoor access. TeamTNT is also scanning for credentials across multiple cloud environments, including AWS, Azure, and GCP.
2. EU AI Act: first regulation on artificial intelligence
The European Union aims to regulate artificial intelligence (AI) as part of its digital strategy, ensuring safer and more efficient use of the technology. In April 2021, the European Commission proposed the world’s first regulatory framework for AI, categorizing systems based on risk levels. The Parliament emphasizes safety, transparency, traceability, non-discrimination, and environmental friendliness in AI systems. The proposed rules establish different obligations for providers and users depending on the AI risk level. High-risk AI systems will have to be registered in an EU database and assessed throughout their lifecycle. Limited risk AI systems will need to comply with minimal transparency requirements.
3. Hackers Exploit Windows Policy Loophole to Forge Kernel-Mode Driver Signatures
Chinese-speaking threat actors have been exploiting a loophole in Microsoft Windows policy to forge signatures on kernel-mode drivers, according to cybersecurity firm Cisco Talos. The actors use open-source tools to change the signing date of drivers, allowing them to load malicious and unverified drivers. Microsoft has responded by blocking all certificates associated with the threat. The exploit takes advantage of an exception in Microsoft’s policy, which permits cross-signed drivers under certain conditions. This loophole enables threat actors to deploy malicious, signed drivers without Microsoft’s verification. However, successful forgery requires a non-revoked code signing certificate issued before July 29, 2015, along with the certificate’s private key and passphrase.
4. Apple Issues Urgent Patch for Zero-Day Flaw Targeting iOS, iPadOS, macOS, and Safari
Apple has recently issued Rapid Security Response updates to address an actively exploited zero-day flaw across iOS, iPadOS, macOS, and Safari. The WebKit bug, identified as CVE-2023-37450, could allow threat actors to execute arbitrary code when processing specific web content. However, the company had to withdraw these updates after users reported issues with certain websites on Safari. Apple acknowledges the problem in a support document, advising affected customers to remove the update. The tech giant is set to release revised updates soon. This comes as part of Apple’s ongoing efforts to tackle zero-day vulnerabilities, with 10 addressed since the start of 2023.
5. Hackers Steal $20 Million by Exploiting Flaw in Revolut’s Payment Systems
Revolut, a digital banking platform, suffered a security breach in early 2022 resulting in a loss of over $20 million. The Financial Times, citing anonymous sources, reports that the flaw originated from discrepancies between Revolut’s U.S. and European systems. This error led to funds being mistakenly refunded using Revolut’s money when some transactions were declined. Criminal groups exploited this loophole, making expensive purchases that would be declined and then withdrawing the refunded amounts. Although some stolen funds were recovered, the net loss for the fintech firm stands at approximately $20 million. The exact technical details of the flaw remain undisclosed.
There are many ways cyber criminals will look to exploit your integral IT systems to access data or create chaos within your business for their own personal gain.
Here at DIESEC, we have experts on hand waiting to help you with all of your cybersecurity needs, from ensuring your system is safe and secure to teaching your employees how not to fall victim to social engineering ploys.
For more information please contact us now!