This Week’s Top 5 Cybersecurity News Stories July 2024 | 02
Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small, as we look at threats from espionage to security flaws in every day devices:
1. New Ransomware Group Exploiting Veeam Backup Software Vulnerability
A now-patched security flaw in Veeam Backup & Replication software is being exploited by the new EstateRansomware group. Discovered by Group-IB, the attackers used CVE-2023-27532 and a dormant Fortinet account to infiltrate systems. They deployed ransomware, disabled defenses, and created rogue user accounts, highlighting the growing sophistication and diversity of ransomware operations. For more about this story click here
2. DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign
Researchers have uncovered a brief but impactful DarkGate malware campaign that used Samba file shares to spread infections. Active in March and April 2024, this campaign targeted North America, Europe, and Asia, exploiting legitimate tools like Visual Basic Script and JavaScript files. DarkGate, a sophisticated malware-as-a-service, remains a potent threat, underscoring the need for robust cybersecurity defenses. For more about this story click here
3. Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments
A critical vulnerability in the Exim mail transfer agent, CVE-2024-39929, allows attackers to bypass security measures and deliver malicious attachments. With a CVSS score of 9.1, this flaw affects versions up to 4.97.1. Over 1.5 million servers are vulnerable, mainly in the U.S., Russia, and Canada. Users must update to version 4.98 to prevent potential exploits. For more about this story click here
4. PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks
A critical PHP flaw, CVE-2024-4577, is being exploited to deliver remote access trojans, cryptocurrency miners, and DDoS botnets. With a CVSS score of 9.8, this vulnerability allows attackers to execute malicious commands on Windows systems. Exploits include Gh0st RAT, RedTail, XMRig, and Muhstik. Users should update PHP immediately to prevent these threats. For more about this story click here
5. Google Adds Passkeys to Advanced Protection Program for High-Risk Users
Google now offers passkeys for high-risk users in its Advanced Protection Program (APP), replacing traditional physical security keys. Passkeys, a more secure alternative to passwords, use biometrics or a PIN, safeguarding accounts against takeover attacks. High-risk users can enroll if they have compatible devices. Google is also expanding dark web reports to all users with Google accounts. For more about this story click here
At DIESEC, we have experts on hand waiting to help you with all of your cybersecurity needs, from ensuring your system is safe and secure to teaching your employees how not to fall victim to social engineering ploys.
For more information please contact us now!