This Week’s Top 5 Cybersecurity News Stories April 2024 | 01

With every passing day, there are new cybersecurity events that have the potential to impact you or your company. We have rounded up five top cybersecurity news stories to help keep you up to date with cybersecurity issues around the world, from acts of espionage to simple code errors that could leak your private data.
Here are our top five news stories from the past week:

1. U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers

The U.S. Cyber Safety Review Board (CSRB) strongly criticized Microsoft for security lapses that enabled Storm-0558, a China-based nation-state group, to breach nearly two dozen companies in Europe and the U.S. last year. The Department of Homeland Security disclosed these findings, highlighting that the intrusion, stemming from Microsoft’s “cascade of avoidable errors,” was preventable. The CSRB condemned Microsoft’s corporate culture for underprioritizing security investments and risk management, exacerbating the issue. Additionally, Microsoft’s failure to autonomously detect the breach and its lag in developing key security solutions were highlighted. The breach, first reported in July 2023, involved unauthorized access to numerous organizations and individual accounts due to a validation error in Microsoft’s Azure Active Directory. Despite ongoing investigations, Microsoft admitted in March 2024 to operational errors and to a still-ongoing investigation. The CSRB urged cloud service providers to adopt stricter security and transparency practices to counter such sophisticated state-sponsored cyber threats.


2. New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

Recent research has uncovered a vulnerability in the HTTP/2 protocol, specifically in the CONTINUATION frame, that could be exploited for denial-of-service (DoS) attacks. Named the “HTTP/2 CONTINUATION Flood” by security researcher Bartek Nowotarski and reported to CERT/CC in January 2024, the flaw lies in how HTTP/2 implementations handle an excessive number of CONTINUATION frames within a single stream. These frames, intended for transmitting header block fragments, can be manipulated to create an unending stream of headers, leading to server crashes or significant performance drops due to memory overload or CPU exhaustion. This discovery presents a more severe threat compared to previous vulnerabilities, with the potential for a single machine or TCP connection to disrupt server availability without detection in HTTP access logs.


3. Researchers Unveil The Attackers Behind The Agent Tesla Campaign

Check Point Research has revealed a significant cyberattack campaign using the Agent Tesla malware, primarily targeting U.S. and Australian organizations since November 2023. Agent Tesla, known since 2014, is a keylogging malware disguised as legitimate software, enabling the theft of sensitive data like login credentials and financial information. This campaign was driven by phishing emails crafted to appear as routine business communications, which, when clicked, deploy the malware. The main perpetrator, Bignosa, part of a larger group with global targets, used a network of servers and email databases for these attacks. Bignosa employed a custom tool, “Cassandra Protector,” to mask the malware in emails, and collaborated with another attacker, Gods. Gods, believed to be technically adept and possibly educated in Turkey, has transitioned from phishing to malware campaigns and supports Bignosa’s operations. Their collaboration and ongoing activities, including Gods’ phishing campaigns in late 2023 and early 2024, highlight the persistent threat from this duo.


4. Hackers Hijacking YouTube Channels to Steal Your Data

Cybercriminals are increasingly targeting YouTube users, especially the younger demographic, with sophisticated malware attacks disguised as free software and video game enhancements. These attacks often involve videos promoting pirated software or game cracks, with malicious links in the video descriptions. Proofpoint Emerging Threats has noticed popular children’s games being used as bait. Many of these malicious videos are distributed through compromised YouTube accounts with high subscriber counts and verified status. The malware, such as Vidar Stealer, is often hidden in password-protected files on platforms like MediaFire and can steal sensitive data like credit card information. Some videos even impersonate well-known figures in the piracy community, adding perceived legitimacy. The malware files are designed to evade antivirus detection and utilize social media and forums for command and control instructions. Recently, Discord servers have also been used for distributing malware. With the sophistication of these attacks growing, users are advised to exercise extreme caution and skepticism, especially regarding offers that seem too good to be true. YouTube’s efforts to remove these accounts are ongoing, but the challenge remains significant.


5. Cisco: Overconfidence in cyber security capabilities putting UK firms at risk

According to Cisco’s research, only 2% of UK organizations are adequately resilient against current cyber security threats, lagging behind the global average of 3%. Most UK companies are in the early stages of cyber security readiness, with a significant 96% planning to increase their cybersecurity budgets within a year. Despite 54% experiencing a cyber incident in the past year, costing some over $300,000, 78% still express confidence in their current defenses, potentially indicating overconfidence. Jeetu Patel of Cisco emphasizes the need for integrated platforms and AI utilization for effective defense. The report also highlights the inefficiency of multiple point solution strategies, with many organizations using over ten such solutions. Furthermore, cybersecurity is hindered by critical talent shortages and a prevalent use of unmanaged devices by employees. However, there is a positive trend, as nearly half of the organizations intend to significantly upgrade their IT infrastructure soon, with investments in AI technologies and new solutions.

There are many ways cyber criminals will look to exploit your integral IT systems to access data or create chaos within your business for their own personal gain.
Here at DIESEC, we have experts on hand waiting to help you with all of your cybersecurity needs, from ensuring your system is safe and secure to teaching your employees how not to fall victim to social engineering ploys.
