Latest News Articles



--- TLP:WHITE ---

News

− Over 1 Million Domains at Risk of 'Sitting Ducks' Domain Hijacking Technique

Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed.

https://eclypsium.com/blog/ducks-now-sitting-dns-internet-infrastructure-insecurity/

− The European Union’s World-First Artificial Intelligence Rules Are Officially Taking Effect

EU officials say the Artificial Intelligence Act will protect the “fundamental rights” of citizens while also encouraging investment and innovation in the booming AI industry.

https://www.securityweek.com/the-european-unions-world-first-artificial-intelligence-rules-are-officially-taking-effect/

− APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack

A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos. The unnamed organization was targeted as early as mid-July 2023 to deliver a variety of backdoors and post-compromise tools like ShadowPad and Cobalt Strike.

https://blog.talosintelligence.com/chinese-hacking-group-apt41-compromised-taiwanese-government-affiliated-research-institute-with-shadowpad-and-cobaltstrike-2/

− Israeli hacktivist group claims that it took down Iran's internet

Israel-based hacktivists are taking credit for an ongoing internet outage in Iran.

https://thecyberexpress.com/israeli-weredevils-internet-disruption-iran/

− China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group. Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that's been active since at least 2012,

https://www.volexity.com/blog/2024/08/02/stormbamboo-compromises-isp-to-abuse-insecure-software-update-mechanisms/

− Justice Department Sues TikTok, Accusing the Company of Illegally Collecting Children’s Data

The US Justice Department has sued TikTok, accusing the company of illegally collecting children’s data and violating an online privacy law.

https://www.securityweek.com/justice-department-sues-tiktok-accusing-the-company-of-illegally-collecting-childrens-data/

Vulnerabilities

− Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands.

https://thehackernews.com/2024/08/critical-flaw-in-rockwell-automation.html

− Google Patches Android Zero-Day Exploited in Targeted Attacks

Google has patched CVE-2024-36971, a high-severity kernel zero-day vulnerability in Android that has been exploited in targeted attacks.

https://www.securityweek.com/google-patches-android-zero-day-exploited-in-targeted-attacks/

− Critical Vulnerabilities in ServiceNow Now Platform

Two critical and one medium-severity vulnerabilities discovered in ServiceNow’s Now platform Console have been found to be under active exploitation.

https://www.ncsc.gov.ie/pdfs/2407310151_Multiple_Vulnerabilities_in_Service_Now.pdf

− Critical Vulnerabilities in Apple Mobile & Smart Devices Operating Systems

CVE-2024-27826 is a flaw in the kernel that could allow an attacker to execute arbitrary code with kernel privileges. CVE-2024-40788 could allow a local attacker to cause an unexpected system shutdown.

https://www.ncsc.gov.ie/pdfs/2408020119_Crit_Vulns_in_Apple_Products.pdf

Community News

− National Cyber Security Centre publishes Ireland’s National Cyber Emergency Plan

Today sees the publication of Ireland’s cyber emergency plan, developed following extensive engagement throughout both the public and private sectors and two sector-specific emergency exercises in 2022 and 2023, as well as lessons learned from the HSE ransomware attack in 2021.

https://www.gov.ie/en/press-release/e2a83-national-cyber-security-centre-publishes-irelands-national-cyber-emergency-plan/

--- TLP:WHITE ---