This Week’s Top 5 Cybersecurity News Stories August 2024 | 04
Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small, as we look at threats from espionage to security flaws in every day devices:
1. Focus on What Matters Most: Exposure Management and Your Attack Surface
Attack Surface Management (ASM) focuses on identifying internet-facing assets and potential vulnerabilities, while Exposure Management extends this to include data assets, user identities, and cloud configurations. Effective exposure management involves continuous monitoring and prioritization of vulnerabilities, emphasizing context to focus on high-impact threats. This strategic approach allows organizations to efficiently manage risks and better secure critical systems. For more about this story click here
2. New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data
A recent Qilin ransomware attack involved credential theft from Google Chrome browsers, marking a concerning evolution in ransomware tactics. Attackers infiltrated a network via compromised VPN credentials lacking multi-factor authentication, deployed a PowerShell script to harvest credentials, and then encrypted the system. This highlights the growing sophistication and changing strategies of ransomware groups, which now increasingly exploit legitimate tools and target high-value sectors. Ransomware payments in 2024 have surged, particularly among larger businesses, as attackers refine their methods to maximize disruption and ransom potential. For more about this story click here
3. New macOS Malware “Cthulhu Stealer” Targets Apple Users’ Data
Cybersecurity researchers have identified a new macOS-targeted malware, Cthulhu Stealer, offered as malware-as-a-service (MaaS) for $500 a month since late 2023. Written in Golang, it impersonates legitimate software to steal credentials, cryptocurrency wallets, and system data. Users must bypass Gatekeeper protections to activate it. While not highly sophisticated, the malware highlights the growing focus on macOS by threat actors. Apple is responding with stricter security measures in its upcoming macOS update. For more about this story click here
4. Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
SolarWinds has released patches to address a critical vulnerability (CVE-2024-28987) in its Web Help Desk (WHD) software, which could allow remote unauthenticated users to gain unauthorized access and modify data. The flaw, rated 9.1 on the CVSS scale, involves a hardcoded credential vulnerability. Users are urged to update to version 12.8.3 Hotfix 2 to protect against potential exploitation. This follows the recent patch of another critical vulnerability (CVE-2024-28986) in the same software, which has already seen active exploitation. Additional details are expected next month, highlighting the urgency of applying the update. For more about this story click here
5. New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
Cybersecurity researchers have uncovered a new malware strain called PG_MEM, which targets PostgreSQL database instances to mine cryptocurrency. The attack involves brute-forcing weak credentials to gain access and then exploiting the COPY … FROM PROGRAM SQL command to execute arbitrary shell commands. This allows attackers to deploy the Monero miner and maintain persistence on the host. The malware also disables other potential threats by stripping superuser permissions from the “postgres” user. The campaign highlights the risks of misconfigured databases with weak passwords, emphasizing the need for robust security practices. For more about this story click here
At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.
For more information please contact us now!