Monday, September 30, 2024

THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 23-29)

Catch up on last week's top cybersecurity stories.
The Hacker News

Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could've opened the door to remote attacks. Google's switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android.


But it wasn't all good news – Kaspersky's forced exit from the US market left users with more questions than answers. And don't even get us started on the Kia cars that could've been hijacked with just a license plate!


Let's unpack these stories and more, and arm ourselves with the knowledge to stay safe in this ever-evolving digital landscape.

⚡ Threat of the Week

Flaws Found in CUPS: A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions. Red Hat Enterprise Linux tagged the issues as Important in severity, given that the real-world impact is likely to be low due to the prerequisites necessary to pull off a successful exploit.

🔔 Top News

  • Google Touts Shift to Rust: The pivot to memory-safe languages such as Rust for Android has led to the percentage of memory safety vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The development comes as Google and Arm's increased collaboration has made it possible to flag multiple shortcomings and elevate the overall security of the GPU software/firmware stack across the Android ecosystem.

  • Kaspersky Exits U.S. Market: Russian cybersecurity vendor Kaspersky, which has been banned from selling its products in the U.S. due to national security concerns, raised concerns after some users found that their installations had been automatically removed and replaced by antivirus software from a lesser-known company called UltraAV. Kaspersky said it began notifying customers of the transition earlier this month, but it appears that it was not made clear that the software would be forcefully migrated without requiring any user action. Pango, which owns UltraAV, said users also had the option of canceling their subscription directly with Kaspersky's customer service team.

  • Kia Cars Could Be Remotely Controlled with Just License Plates: A set of now-patched vulnerabilities in Kia vehicles could have allowed remote control over key functions using only a license plate. They could also let attackers covertly gain access to sensitive information including the victim's name, phone number, email address, and physical address. There is no evidence that these vulnerabilities were ever exploited in the wild.

  • U.S. Sanctions Cryptex and PM2BTC: The U.S. government sanctioned two cryptocurrency exchanges, Cryptex and PM2BTC, for allegedly facilitating the laundering of cryptocurrencies possibly obtained through cybercrime. In tandem, an indictment was unsealed against a Russian national, Sergey Sergeevich Ivanov, for his purported involvement in the operation of several money laundering services that were offered to cybercriminals.

  • 3 Iranian Hackers Charged: In yet another law enforcement action, the U.S. government charged three Iranian nationals, Masoud Jalili, Seyyed Ali Aghamiri, and Yasar (Yaser) Balaghi, who are allegedly employed by the Islamic Revolutionary Guard Corps (IRGC), for targeting current and former officials to steal sensitive data in an attempt to interfere with the upcoming elections. Iran has called the allegations baseless.

📰 Around the Cyber World

  • Mysterious Internet Noise Storms Detailed: Threat intelligence firm GreyNoise said it has been tracking large waves of "Noise Storms" containing spoofed internet traffic comprising TCP connections and ICMP packets since January 2020, although their exact origins and intended purpose remain unknown. An intriguing aspect of the inexplicable phenomenon is the presence of a "LOVE" ASCII string in the generated ICMP packets, reinforcing the hypothesis that it could be used as a covert communications channel. "Millions of spoofed IPs are flooding key internet providers like Cogent and Lumen while strategically avoiding AWS — suggesting a sophisticated, potentially organized actor with a clear agenda," it said. "Although traffic appears to originate from Brazil, deeper connections to Chinese platforms like QQ, WeChat, and WePay raise the possibility of deliberate obfuscation, complicating efforts to trace the true source and purpose."

  • Tails and Tor Merge Operations: The Tor Project, the non-profit that maintains software for the Tor (The Onion Router) anonymity network, is joining forces with Tails (short for The Amnesic Incognito Live System), the maker of a portable Linux-based operating system that uses Tor. "Incorporating Tails into the Tor Project's structure allows for easier collaboration, better sustainability, reduced overhead, and expanded training and outreach programs to counter a larger number of digital threats," the organizations said. The move "feels like coming home," intrigeri, Tails OS team lead said.

  • NIST Proposes New Password Rules: The U.S. National Institute of Standards and Technology (NIST) has outlined new guidelines that suggest credential service providers (CSPs) stop recommending passwords using several character types and stop mandating periodic password changes unless the authenticator has been compromised. Other notable recommendations include that passwords should be anywhere between 15 and 64 characters long and that CSPs should allow ASCII and Unicode characters to be included in passwords.

  • PKfail Broader Than Previously Thought: A critical firmware supply chain issue known as PKfail (CVE-2024-8105), which allows attackers to bypass Secure Boot and install malware, has now been found to impact more devices, including medical devices, desktops, laptops, gaming consoles, enterprise servers, ATMs, PoS terminals, and even voting machines. Binarly has described PKfail as a "great example of a supply chain security failure impacting the entire industry."

  • Microsoft Revamps Recall: When Microsoft released its AI-powered feature Recall in May 2024, it was met with near instantaneous backlash over privacy and security concerns, and for making it easier for threat actors to steal sensitive data. The company subsequently delayed a wider rollout pending under-the-hood changes to ensure that the issues were addressed. As part of the new updates, Recall is no longer enabled by default and can be uninstalled by users. It also moves all of the screenshot processing to a Virtualization-based Security (VBS) Enclave. Furthermore, the company said it engaged an unnamed third-party security vendor to perform an independent security design review and penetration test. 

🔥 Cybersecurity Resources & Insights

  • Upcoming Webinars

    • Overloaded with Logs? Let's Fix Your SIEM: Legacy SIEMs are overwhelmed. The answer isn't more data... It's better oversight. Join Zuri Cortez and Seth Geftic as they break down how we went from data overload to security simplicity without sacrificing performance. Save your seat today and simplify your security game with our Managed SIEM.

    • Strategies to Defeat Ransomware in 2024: Ransomware attacks are up by 17.8%, and ransom payouts are reaching all-time highs. Is your organization prepared for the escalating ransomware threat? Join us for an exclusive webinar where Emily Laufer, Director of Product Marketing at Zscaler, will unveil insights from the Zscaler ThreatLabz 2024 Ransomware Report. Register now and secure your spot!

  • Ask the Expert

    • Q: How can organizations secure device firmware against vulnerabilities like PKfail, and what technologies or practices should they prioritize?

    • A: Securing firmware isn't just about patching—it's about protecting the very core of your devices where threats like PKfail hide in plain sight. Think of firmware as the foundation of a skyscraper; if it's weak, the entire structure is at risk. Organizations should prioritize implementing secure boot mechanisms to ensure only trusted firmware loads, use firmware vulnerability scanning tools to detect and address issues proactively, and deploy runtime protections to monitor for malicious activities. Partnering closely with hardware vendors for timely updates, adopting a zero-trust security model, and educating employees about firmware risks are also crucial. In today's cyber landscape, safeguarding the firmware layer is essential—it's the bedrock of your entire security strategy.

  • Tip of the Week

    • Prevent Data Leaks to AI Services: Protect sensitive data by enforcing strict policies against sharing with external AI platforms, deploying DLP tools to block confidential transmissions, restricting access to unauthorized AI tools, training employees on the risks, and using secure, in-house AI solutions.

Conclusion

Until next time, remember, cybersecurity is not a sprint, it's a marathon. Stay vigilant, stay informed, and most importantly, stay safe in this ever-evolving digital world. Together, we can build a more secure online future.


Thursday, September 26, 2024

Forget ChatGPT: Why Researchers Now Run Small AIs On Their Laptops


Nature published an introduction to running an LLM locally, starting with the example of a bioinformatician who's using AI to generate readable summaries for his database of immune-system protein structures. "But he doesn't use ChatGPT, or any other web-based LLM." He just runs the AI on his Mac...

Join the discussion at Slashdot.org
SourceForge Podcast  

In this discussion, we talk to Michael Foucher, VP of Product at Shift, and Sabrina Banadyga, VP of Marketing at Shift. Shift is a browser that brings all accounts, apps, and workflows together into one seamless online experience.

Shift was founded to solve the pain points of managing multiple email accounts and web apps in one browser.

Watch the podcast here
Popular Projects

Gwyddion
A data visualization and processing tool for scanning probe microscopy (SPM, i.e. AFM, STM, MFM, SNOM/NSOM, ...) and profilometry data, useful also for general image and 2D data analysis.

Makagiga
Makagiga is an open-source, easy-to-use, portable application for doing a variety of tasks, such as todo listing, text editing, or RSS reading.

System Informer
System Informer is a free and open source process viewer. This multi-purpose tool will assist you with debugging, malware detection and system monitoring.

CrystalMark Retro
CrystalMark Retro is a comprehensive benchmarking software that supports 32bit (x86), 64bit (x64/ARM64), many-core, and multilingual (48+ languages).

PortableApps.com
PortableApps.com is the world's most popular portable software solution allowing you to take your favorite software with you.


Editor's Business Software Picks

Below is a diverse set of interesting B2B software vendors that solve unique problems for businesses and have caught our editor's interest:

Shift — The first app-integrated power browser - Download Shift for free.

Cahoot — Slash shipping costs 30% with Cahoot.

GitGuardian — #1 code security. Detects secrets, used by 300K+ devs. 12.8M leaks in 2023.

Sourcegraph Cody — Write and fix code faster with AI in JetBrains.

Venn — Managed PCs and using VDI can run up to $10,000 per user. Find cheaper options.

AIM ERP — Boost Efficiency with AIM ERP Solutions!

Introducing HZP — Solfeggio & 432Hz Music App.

Social Display — Convert your high-performing Social Media Content into Display ads

A Simple Guide to Data Visualization on Ubuntu for Beginners  
Data visualization is not just an art form but a crucial tool in the modern data analyst's arsenal, offering a compelling way to present, explore, and understand large datasets. In the context of Ubuntu, one of the most popular Linux distributions, leveraging the power of data visualization tools can transform complex data into insightful, understandable visual narratives.

This guide delves deep into the art and science of data visualization within Ubuntu, providing users with the knowledge to not only create but also optimize and innovate their data presentations.
Read more at LinuxJournal.


SourceForge Articles and Q&A Sessions

Unlocking Business Intelligence for Short-Term Rentals

In the dynamic short-term rental industry, leveraging data has become an essential ingredient for success. Business Intelligence (BI) equips property managers with the tools and insights needed to make informed decisions, streamline operations, and ultimately boost revenue. This article explores the benefits and applications of BI in the vacation rental industry and how to use these tools alongside your property management software, channel manager, or short-term rental website to help property managers stay competitive.
Read more on SourceForge.net

Five Reasons Why You Need Secure Email in 2024

In an era where digital communication is constantly being transmitted back and forth between individuals and businesses, email remains one of the most prevalent and essential forms of correspondence. Its use spans personal, professional, and institutional contexts, making it a critical component of daily life. However, the inherent vulnerabilities of traditional email systems underscore the need for secure email solutions. Securing sensitive data and personal information has never been more important than it is today.

From data breaches to online scams, email spamming, and credit card hacks, the list of reasons why you need cybersecurity – and specifically a secure email solution – in 2024 continues to grow each and every day.
Read more on SourceForge.net


Zero Trust Network Access (ZTNA) vs VPN

In today's interconnected world, ensuring the security of business operations is paramount. As businesses expand globally, the need for secure remote access to company resources becomes increasingly crucial. Small and medium businesses (SMBs), like their larger counterparts, face significant security risks. According to IBM Security, the global average cost of a data breach has reached an all-time high of $4.35 million. Staying updated with the latest in business and network security features is, therefore, essential. Two pivotal technologies in this regard are Virtual Private Networks (VPNs) and Zero Trust Network Access (ZTNA). This article explores the relevance of VPN and ZTNA for SMBs, and how they can be implemented to enhance security and operational efficiency.
Read more on SourceForge.net

Conferences and Events (Live and Virtual)

IBM TechXchange Conference | October 21 - 24, 2024

Join us this October for an immersive learning experience designed to fuel your AI journey. We'll equip you with the practical skills to apply gen AI to your role and unlock the full potential of the IBM technology you rely on. Experience hands-on watsonx Bootcamp, technology breakouts, and Labs and Certification Testing to elevate your expertise, earn credentials, and exchange insights with peers shaping the future of tech.

DevLearn 2024 | November 6 - 8, 2024

DevLearn is North America's largest learning technologies event! It's THE industry-leading event for professionals shaping the future of L&D.

DevFest 2024 | September 1 - December 31, 2024

DevFest is an annual distributed tech conference hosted by the Google Developer Groups (GDG) community. GDGs host these events around the globe.

API World 2024 | November 12 - 14, 2024

Join thousands of global technical leaders, engineers, software architects, and executives at the world's largest and longest-running API and microservices event.
Final Thoughts

If you know someone who is not getting this mailing, encourage them to sign up.

Thanks for being part of the SourceForge community! And, if you need to get in touch directly, feel free to send us an email at CommunityTeam@sourceforge.net.