[CERT-daily] Daily summary - 24.07.2024
Daily end-of-shift report
team at cert.at
Wed Jul 24 18:12:45 CEST 2024
=====================
= End-of-Day report =
=====================
Timeframe: Tuesday 23-07-2024 18:00 − Wednesday 24-07-2024 18:00
Handler: Alexander Riepl
Co-Handler: Thomas Pribitzer
=====================
= News =
=====================
∗∗∗ BreachForums v1 hacking forum data leak exposes members’ info ∗∗∗
---------------------------------------------
The private member information of the BreachForums v1 hacking forum from 2022 has been leaked online, allowing threat actors and researchers to gain insight into its users.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/breachforums-v1-hacking-forum-data-leak-exposes-members-info/
∗∗∗ SocGholish: Fake update puts visitors at risk ∗∗∗
---------------------------------------------
The SocGholish downloader has been a favourite of several cybercrime groups since 2017. It delivers a payload that poses as a browser update. Like any piece of malware, it undergoes an evolutionary process. We have taken a look at the latest developments, which target WordPress-based websites.
---------------------------------------------
https://www.gdatasoftware.com/blog/2024/07/37976-socgholish-fake-update
∗∗∗ Microsoft update glitch: Windows update requires entering the BitLocker key ∗∗∗
---------------------------------------------
The latest security update for Windows 10, 11 and common Windows Server versions causes some systems to no longer boot without the BitLocker key.
---------------------------------------------
https://www.golem.de/news/update-panne-bei-microsoft-windows-update-erfordert-eingabe-des-bitlocker-keys-2407-187382.html
∗∗∗ NIS-2 Directive: Cabinet approves stricter rules for cybersecurity ∗∗∗
---------------------------------------------
Almost 30,000 companies in Germany will in future have to implement the security requirements of the NIS-2 Directive.
---------------------------------------------
https://www.golem.de/news/nis-2-richtlinie-kabinett-beschliesst-strengere-regeln-fuer-cybersicherheit-2407-187391.html
∗∗∗ New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273) ∗∗∗
---------------------------------------------
In April, an OS command injection vulnerability in various D-Link NAS devices was made public. The vulnerability, CVE-2024-3273, was exploited soon after it became public. Many of the affected devices are no longer supported.
---------------------------------------------
https://isc.sans.edu/diary/New+Exploit+Variation+Against+DLink+NAS+Devices+CVE20243273/31102
∗∗∗ Forget security – Google's reCAPTCHA v2 is exploiting users for profit ∗∗∗
---------------------------------------------
Web puzzles don't protect against bots, but humans have spent 819 million unpaid hours solving them. Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue it's harvesting information while extracting human ..
---------------------------------------------
https://www.theregister.com/2024/07/24/googles_recaptchav2_labor/
∗∗∗ A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub ∗∗∗
---------------------------------------------
Cybersecurity researchers have spotted a 3,000-account network on GitHub that is manipulating the platform and spreading ransomware and info stealers.
---------------------------------------------
https://www.wired.com/story/github-malware-spreading-network-stargazer-goblin/
∗∗∗ Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment ∗∗∗
---------------------------------------------
Siemens has released out-of-band updates to patch two potentially serious vulnerabilities in products used in energy supply.
---------------------------------------------
https://www.securityweek.com/siemens-patches-power-grid-product-flaw-allowing-backdoor-deployment/
∗∗∗ New legislation will help counter the cyber threat to our essential services ∗∗∗
---------------------------------------------
The announcement of the Cyber Security and Resilience Bill is a landmark moment in tackling the growing threat to the UK's critical systems.
---------------------------------------------
https://www.ncsc.gov.uk/blog-post/legislation-help-counter-cyber-threat-cni
∗∗∗ Malware Campaign Lures Users With Fake W2 Form ∗∗∗
---------------------------------------------
Rapid7 has recently observed an ongoing campaign targeting users searching for W2 forms using the Microsoft search engine Bing.
---------------------------------------------
https://www.rapid7.com/blog/post/2024/07/24/malware-campaign-lures-users-with-fake-w2-form/
=====================
= Vulnerabilities =
=====================
∗∗∗ ISC Releases Security Advisories for BIND 9 ∗∗∗
---------------------------------------------
The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition.
---------------------------------------------
https://www.cisa.gov/news-events/alerts/2024/07/24/isc-releases-security-advisories-bind-9
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily