This Week’s Top 5 Cybersecurity News Stories August 2024 | 02
Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small, as we look at threats from espionage to security flaws in every day devices:
1. 0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices
Cybersecurity researchers have uncovered a critical “0.0.0.0 Day” vulnerability affecting major web browsers, enabling malicious websites to breach local networks. This flaw allows attackers to exploit the 0.0.0.0 IP address, bypassing security mechanisms and executing remote code on devices. The vulnerability has existed since 2006 and is expected to prompt significant browser security updates. For more about this story click here
2. FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million
The BlackSuit ransomware has demanded up to $500 million in ransoms, targeting critical infrastructure sectors. The U.S. CISA and FBI warn that BlackSuit’s tactics include phishing, remote access tools, and threatening communications to coerce payments. This aggressive approach, alongside emerging ransomware families, highlights the evolving and increasingly sophisticated ransomware landscape. For more about this story click here
3. Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
Cybersecurity researchers have revealed critical vulnerabilities in Roundcube webmail that allow attackers to execute malicious JavaScript in a victim’s browser, potentially stealing sensitive data and passwords. Exploiting these flaws requires minimal user interaction, posing a significant threat. The vulnerabilities have been patched in recent updates, but users are urged to upgrade promptly to safeguard their accounts. For more about this story click here
4. INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore
INTERPOL’s new global stop-payment mechanism enabled the largest-ever recovery of $39 million from a business email compromise (BEC) scam targeting a Singaporean firm. The scam involved a fraudulent email requesting payment to a fake account. INTERPOL’s rapid intervention led to the freezing of the funds, arrests, and further recovery. This success highlights the effectiveness of INTERPOL’s anti-fraud efforts. For more about this story click here
5. New Android Spyware LianSpy Evades Detection Using Yandex Cloud
Russian users have been targeted by LianSpy, a sophisticated Android spyware, since 2021. Discovered by Kaspersky in March 2024, LianSpy uses Yandex Cloud for stealthy command-and-control, avoiding detection. It captures screencasts, exfiltrates data, and evades privacy indicators. Likely deployed via unknown exploits or physical access, LianSpy showcases advanced techniques to maintain persistence and hide its activities, making it a significant threat. For more about this story click here
At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.
For more information please contact us now!