This Week’s Top 5 Cybersecurity News Stories May 2024 | 03

Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of.  No story is too big or small, as we look at threats from espionage to security flaws in every day devices:

1. North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign

The Kimsuky hacking group, linked to North Korea, is exploiting Facebook Messenger in a new malware campaign targeting North Korean human rights activists. Using fake Facebook accounts posing as public officials, they approach victims through Messenger. The attack involves sending decoy documents hosted on OneDrive that appear as legitimate content, such as essays or interviews. When opened, these files initiate a malware sequence that connects to a command-and-control server, exfiltrating data and establishing persistence on the victim’s device. This method highlights Kimsuky’s use of social media for sophisticated, personalized attacks.

For more details, read the full article here.

2. Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks

Cybercriminals are exploiting Microsoft’s Quick Assist feature in a ransomware campaign. The group Storm-1811 employs social engineering, impersonating IT professionals to trick victims into granting remote access via Quick Assist. Once access is obtained, the attackers deploy QakBot, Cobalt Strike, and ultimately, Black Basta ransomware. This method involves using email flooding to overwhelm victims’ inboxes, followed by voice phishing to offer “technical support.” Microsoft is addressing these vulnerabilities by adding warning messages in Quick Assist and advising organizations to disable unused remote tools and train employees against tech support scams.

Read more here.

3. Microsoft to Mandate Multi-Factor Authentication for All Azure Users

Microsoft will mandate multi-factor authentication (MFA) for all Azure users starting July. This move aims to enhance cloud security and protect user data by requiring two or more verification steps before accessing services. This rollout, part of Microsoft’s Secure Future Initiative, will be gradual to ease the transition. The initiative ensures only authorized users access Azure resources, aiding compliance with regulations like PCI DSS, HIPAA, GDPR, and NIST. Azure users are encouraged to enable MFA immediately using the MFA wizard for Microsoft Entra to benefit from these enhanced security measures.

Read more here.

4. Authorities Seized Notorious Data Leak Site BreachForums

Authorities have seized the notorious data leak site BreachForums, a major hub for trading stolen data. Originally established as a successor to RaidForums, BreachForums gained prominence on the dark web. Despite the arrest of its operator “Pompompurin” in 2023, the site continued under new management. Law enforcement agencies have now taken control of the website and its associated Telegram channel, marking a significant victory in the fight against cybercrime. This action disrupts a key marketplace for data breaches, emphasizing the ongoing efforts to enhance cybersecurity and protect personal information.

Read more here.

5. Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability

Google has released a patch to address a critical zero-day vulnerability (CVE-2024-4947) in its Chrome browser, marking the third such patch within a week. This vulnerability, a type confusion bug in the V8 JavaScript and WebAssembly engine, allows threat actors to execute arbitrary code, cause crashes, or access out-of-bounds memory. Reported by Kaspersky researchers, the exploit is active in the wild. Google urges users to update to the latest Chrome version (125.0.6422.60/.61) to mitigate potential threats, with updates also recommended for Chromium-based browsers like Edge and Brave.

Read more here.

At DIESEC, we have experts on hand waiting to help you with all of your cybersecurity needs, from ensuring your system is safe and secure to teaching your employees how not to fall victim to social engineering ploys.

For more information please contact us now!