CyberSecurity Newsletter 6th May 2024
In this week’s news: Lockbit site seized again, Microsoft update breaks VPN, UK bans default passwords on IoT, Dell breach for sale, Dropbox Sign hacked, the cyber risk of dating apps and critical vulnerabilities in OpenVPN.
Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints Across the Globe:
https://cybersecuritynews.com/openvpn-zero-day-flaws/
Microsoft has confirmed that it won't provide an automated fix for a known issue causing 0x80070643 errors when installing recent Windows Recovery Environment (WinRE) updates. The problematic updates were issued during the January 2024 Patch Tuesday to fix CVE-2024-20666, a BitLocker encryption bypass vulnerability that allows attackers to access encrypted data:
https://www.bleepingcomputer.com/news/microsoft/microsoft-wont-fix-windows-0x80070643-errors-manual-fix-required/
The ransomware gang that hacked into U.S. health tech giant Change Healthcare used a set of stolen credentials to remotely access the company’s systems that weren’t protected by multifactor authentication (MFA), according to the chief executive of its parent company, UnitedHealth Group:
https://techcrunch.com/2024/04/30/uhg-change-healthcare-ransomware-compromised-credentials-mfa
UK becomes first country to ban default bad passwords on IoT devices:
https://therecord.media/united-kingdom-bans-defalt-passwords-iot-devices
A threat actor reportedly sells a database containing 49 million user records from Dell:
https://gbhackers.com/threat-actor-claims-selling/
Grafana Tool Vulnerability Lets Attackers Inject SQL Queries:
https://gbhackers.com/grafana-tool-vulnerability/
Dropbox Sign was hacked by scrotes unknown, the cloud company confirmed. It uncovered the breach a week ago, but we still don’t know when the actual hack happened:
https://securityboulevard.com/2024/05/dropbox-sign-hack-richixbw/
Hacktivists exploiting poor cyber hygiene at critical infrastructure providers:
https://www.cybersecuritydive.com/news/hacktivists-exploiting-cyber-critical-infrastructure/714950/
Internal Data Breach at J.P. Morgan Impacts Over 450,000 Individuals:
https://cyberinsider.com/internal-data-breach-at-j-p-morgan-impacts-over-450000-individuals/
Two vulnerabilities have been identified in pgAdmin, the PostgreSQL administration tool: one cross-site scripting flaw and one multi-factor authentication bypass:
https://cybersecuritynews.com/pgadmin-security-flaws/
The US government’s cybersecurity agency CISA published a series of guidelines to protect critical infrastructure against AI-based attacks:
https://www.dhs.gov/sites/default/files/2024-04/24_0426_dhs_ai-ci-safety-security-guidelines-508c.pdf
Researchers discovered a vulnerability in an archived Apache project, highlighting the risk of depending on outdated third-party code: attackers can exploit the way package managers prioritise public repositories to get a malicious package installed in place of a legitimate private dependency of the same name:
https://cybersecuritynews.com/vulnerability-found-in-an-archived-apache-project/
A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS) activities in a likely effort to evade security measures and conduct reconnaissance of networks across the world since October 2019:
https://thehackernews.com/2024/04/china-linked-muddling-meerkat-hijacks.html
Finland's Transport and Communications Agency (Traficom) is warning about an ongoing Android malware campaign attempting to breach online bank accounts:
https://www.bleepingcomputer.com/news/security/finland-warns-of-android-malware-attacks-breaching-bank-accounts/
Ethical Chaos Bsides talk on Okta backdoor is available:
https://github.com/CCob/okta-terrify
Dating apps ask people to disclose all kinds of personal information in the hope of them finding love, or at least a hook-up. What many may not know is that the majority of these lonely-hearts corners vacuum up way more user info than they need to, and they also do a terrible job safeguarding private data that they've collected:
https://www.theregister.com/2024/05/04/dating_apps_privacy_mozilla/
Microsoft has confirmed that the April 2024 Windows security updates break VPN connections across client and server platforms. The company explains on the Windows health dashboard that "Windows devices might face VPN connection failures after installing the April 2024 security update or the April 2024 non-security preview update.":
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-april-windows-updates-break-vpn-connections/
Linux Kernel Vulnerability (CVE-2024-26925) Lets Hackers Access Unauthorized Data:
https://cybersecuritynews.com/linux-kernel-vulnerability/
British lawmakers want to stop the sale of insecure devices. In addition to banning easily guessed passwords, the Product Security and Telecommunications Infrastructure Act (PSTI) says vendors must disclose how long the device will be supported:
https://securityboulevard.com/2024/04/uk-iot-psti-act-richixbw/
Oversecured found and resolved significant mobile security vulnerabilities in Xiaomi devices:
https://blog.oversecured.com/20-Security-Issues-Found-in-Xiaomi-Devices/
Lockbit Ransomware group’s website has been seized again:
https://therecord.media/lockbit-ransomware-gang-seized-site-reappears-teasing-new-information
A local authority has announced it will ban apostrophes on street signs to avoid problems with computer systems:
https://www.bbc.com/news/uk-england-york-north-yorkshire-68942321
Gov to set up identity credential misuse app:
https://www.itnews.com.au/news/gov-to-set-up-identity-credential-misuse-app-607702