=====================
= End-of-Day report =
=====================

Timeframe: Tuesday 23-07-2024 18:00 − Wednesday 24-07-2024 18:00
Handler: Alexander Riepl
Co-Handler: Thomas Pribitzer

=====================
= News =
=====================

∗∗∗ BreachForums v1 hacking forum data leak exposes members’ info ∗∗∗
---------------------------------------------
The private member information of the BreachForums v1 hacking forum from 2022 has been leaked online, allowing threat actors and researchers to gain insight into its users.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/breachforums-v1-hacking-forum...

∗∗∗ SocGholish: Fake update puts visitors at risk ∗∗∗
---------------------------------------------
The SocGholish downloader has been a favourite of several cybercrime groups since 2017. It delivers a payload that poses as a browser update. As any piece of malware, it undergoes an evolutionary process. We have taken a look at the latest developments, which target WordPress-based websites.
---------------------------------------------
https://www.gdatasoftware.com/blog/2024/07/37976-socgholish-fake-update

∗∗∗ Microsoft update glitch: Windows update requires entering the BitLocker key ∗∗∗
---------------------------------------------
The latest security update for Windows 10, 11 and common Windows Server versions causes some systems to no longer boot without the BitLocker key.
---------------------------------------------
https://www.golem.de/news/update-panne-bei-microsoft-windows-update-erforder...

∗∗∗ NIS-2 Directive: Cabinet adopts stricter rules for cybersecurity ∗∗∗
---------------------------------------------
Almost 30,000 companies in Germany will in future have to implement the security requirements under the NIS-2 Directive.
---------------------------------------------
https://www.golem.de/news/nis-2-richtlinie-kabinett-beschliesst-strengere-re...

∗∗∗ New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273) ∗∗∗
---------------------------------------------
In April, an OS command injection vulnerability in various D-Link NAS devices was made public. The vulnerability, CVE-2024-3273, was exploited soon after it became public. Many of the affected devices are no longer supported.
---------------------------------------------
https://isc.sans.edu/diary/New+Exploit+Variation+Against+DLink+NAS+Devices+C...

∗∗∗ Forget security – Google's reCAPTCHA v2 is exploiting users for profit ∗∗∗
---------------------------------------------
Web puzzles don't protect against bots, but humans have spent 819 million unpaid hours solving them
Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue it's harvesting information while extracting human ..
---------------------------------------------
https://www.theregister.com/2024/07/24/googles_recaptchav2_labor/

∗∗∗ A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub ∗∗∗
---------------------------------------------
Cybersecurity researchers have spotted a 3,000-account network on GitHub that is manipulating the platform and spreading ransomware and info stealers.
---------------------------------------------
https://www.wired.com/story/github-malware-spreading-network-stargazer-gobli...

∗∗∗ Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment ∗∗∗
---------------------------------------------
Siemens has released out-of-band updates to patch two potentially serious vulnerabilities in products used in energy supply.
---------------------------------------------
https://www.securityweek.com/siemens-patches-power-grid-product-flaw-allowin...

∗∗∗ New legislation will help counter the cyber threat to our essential services ∗∗∗
---------------------------------------------
The announcement of the Cyber Security and Resilience Bill is a landmark moment in tackling the growing threat to the UK's critical systems.
---------------------------------------------
https://www.ncsc.gov.uk/blog-post/legislation-help-counter-cyber-threat-cni

∗∗∗ Malware Campaign Lures Users With Fake W2 Form ∗∗∗
---------------------------------------------
Rapid7 has recently observed an ongoing campaign targeting users searching for W2 forms using the Microsoft search engine Bing.
---------------------------------------------
https://www.rapid7.com/blog/post/2024/07/24/malware-campaign-lures-users-wit...

=====================
= Vulnerabilities =
=====================

∗∗∗ ISC Releases Security Advisories for BIND 9 ∗∗∗
---------------------------------------------
The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition.
---------------------------------------------
https://www.cisa.gov/news-events/alerts/2024/07/24/isc-releases-security-adv...