Tageszusammenfassung - 24.07.2024

End-of-Day report

Timeframe: Dienstag 23-07-2024 18:00 - Mittwoch 24-07-2024 18:00 Handler: Alexander Riepl Co-Handler: Thomas Pribitzer

News

BreachForums v1 hacking forum data leak exposes members- info

The private member information of the BreachForums v1 hacking forum from 2022 has been leaked online, allowing threat actors and researchers to gain insight into its users.

https://www.bleepingcomputer.com/news/security/breachforums-v1-hacking-forum-data-leak-exposes-members-info/


SocGholish: Fake update puts visitors at risk

The SocGholish downloader has been a favourite of several cybercrime groups since 2017. It delivers a payload that poses as a browser update. As any piece of malware, it undergoes an evolutionary process. We have taken a look at the latest developments, which targets Wordpress based websites.

https://www.gdatasoftware.com/blog/2024/07/37976-socgholish-fake-update


Update-Panne bei Microsoft: Windows-Update erfordert Eingabe des Bitlocker-Keys

Das jüngste Sicherheitsupdate für Windows 10, 11 und gängige Windows-Server-Versionen führt dazu, dass einige Systeme ohne Bitlocker-Key nicht mehr starten.

https://www.golem.de/news/update-panne-bei-microsoft-windows-update-erfordert-eingabe-des-bitlocker-keys-2407-187382.html


NIS-2-Richtlinie: Kabinett beschließt strengere Regeln für Cybersicherheit

Fast 30.000 Firmen in Deutschland müssen künftig die Sicherheitsvorgaben nach der NIS-2-Richtlinie umsetzen.

https://www.golem.de/news/nis-2-richtlinie-kabinett-beschliesst-strengere-regeln-fuer-cybersicherheit-2407-187391.html


New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273)

In April, an OS command injection vulnerability in various D-Link NAS devices was made public. The vulnerability, %%CVE:2024-3273%% was exploited soon after it became public. Many of the affected devices are no longer supported.

https://isc.sans.edu/diary/New+Exploit+Variation+Against+DLink+NAS+Devices+CVE20243273/31102


Forget security - Googles reCAPTCHA v2 is exploiting users for profit

Web puzzles dont protect against bots, but humans have spent 819 million unpaid hours solving them Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue its harvesting information while extracting human ..

https://www.theregister.com/2024/07/24/googles_recaptchav2_labor/


A Hacker -Ghost- Network Is Quietly Spreading Malware on GitHub

Cybersecurity researchers have spotted a 3,000-account network on GitHub that is manipulating the platform and spreading ransomware and info stealers.

https://www.wired.com/story/github-malware-spreading-network-stargazer-goblin/


Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment

Siemens has released out-of-band updates to patch two potentially serious vulnerabilities in products used in energy supply.

https://www.securityweek.com/siemens-patches-power-grid-product-flaw-allowing-backdoor-deployment/


New legislation will help counter the cyber threat to our essential services

The announcement of the Cyber Security and Resilience Bill is a landmark moment in tackling the growing threat to the UKs critical systems.

https://www.ncsc.gov.uk/blog-post/legislation-help-counter-cyber-threat-cni


Malware Campaign Lures Users With Fake W2 Form

Rapid7 has recently observed an ongoing campaign targeting users searching for W2 forms using the Microsoft search engine Bing.

https://www.rapid7.com/blog/post/2024/07/24/malware-campaign-lures-users-with-fake-w2-form/


Vulnerabilities

ISC Releases Security Advisories for BIND 9

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC-s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition.

https://www.cisa.gov/news-events/alerts/2024/07/24/isc-releases-security-advisories-bind-9