Boztek

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21

The latest cybersecurity updates reveal a continuous influx of security vulnerabilities and breaches, highlighting the persistent threats businesses and users face. This week’s focus is on high-profile vulnerabilities, international hacking activities, and significant legal matters related to cybersecurity.

The most alarming development is the critical flaw found in Fortinet’s FortiManager, designated CVE-2024-47575, which bears a CVSS score of 9.8 and allows for unauthenticated remote code execution. This vulnerability has been actively exploited by an unidentified actor, whose activity cybersecurity firm Mandiant is tracking under the name UNC5820.

Cybersecurity researchers have also identified severe cryptographic flaws across five cloud storage providers, including Sync and Tresorit. These vulnerabilities could potentially allow attackers to manipulate file data or access plaintext, but they require prior access to the server to be exploited.

In addition, the Lazarus Group, a North Korean hacking organization, has been linked to exploiting a zero-day vulnerability in Google Chrome (CVE-2024-4947). This exploit, which allowed remote control over devices, was executed through a deceptive website that masqueraded as an online gaming platform, luring victims into unwittingly triggering the exploit.

Another significant issue was found in the AWS Cloud Development Kit, where a security flaw could lead to an account takeover. Amazon has since patched this vulnerability in the latest version, ensuring users are no longer susceptible to this particular threat.

Legal actions are also making headlines: the U.S. Securities and Exchange Commission (SEC) has charged four companies, including Avaya and Check Point, with making misleading disclosures about the SolarWinds cyberattack, notably downplaying the severity and implications of the breach that occurred in 2020.

Further, four members of the REvil ransomware gang were sentenced to prison in Russia, following their arrest as part of an operation that targeted large organizations. This sentencing exemplifies the ongoing fight against ransomware operators, although it remains a pressing issue in cybersecurity.

In more corporate news, Delta Air Lines has initiated legal proceedings against CrowdStrike, alleging breach of contract and negligence due to a major service outage that caused significant travel disruptions and financial losses. Delta accuses CrowdStrike of failing to conduct necessary testing, while CrowdStrike defends against the claims, arguing they stem from misinformation.

Meta has announced improvements in WhatsApp’s security concerning contact storage with its new Identity Proof Linked Storage system (IPLS), which enhances privacy for users by storing contacts securely within the app. This move follows an independent security assessment revealing issues that have since been resolved.

The Salt Typhoon hacking group has come under U.S. investigation for unauthorized intrusions into telecom networks, with implications suggesting potential political espionage. This highlights the increasing risks associated with telecommunications infrastructure.

Identifying fraudulent schemes, especially those related to identity fraud involving potential hires, remains challenging. A recent report suggests that while North Korea has sought to deceive companies, such fraudulent activities are widespread, and rigorous verification processes are needed to mitigate the risks.

Finally, researchers are discovering new methods that manipulate AI-generated content, showcasing the vulnerabilities of AI tools. Techniques that allow attackers to alter or remove digital watermarks from images highlight the urgent need for enhanced security measures in AI applications.

As cybersecurity evolves, vigilance remains paramount. Awareness of these threats and proactive measures can significantly enhance organizational and personal digital safety. The current landscape underscores the reality that cybersecurity requires ongoing attention, education, and proactive strategies to combat emerging threats effectively.