
Microsoft 0-day, Neuberger addresses Munich, trojan steals faces

Microsoft warns of new Exchange Server zero-day

This is a critical severity flaw that has already been actively exploited. It carries a CVSS score of 9.8 and is described as a “privilege escalation issue that allows attackers to mount pass-the-hash attacks.” In its advisory, Microsoft states that attackers could “target an NTLM client such as Outlook with an NTLM credentials-leaking type vulnerability.” (CVE-2024-21410)


Neuberger: Pace of ransomware takedown operations isn’t enough

Anne Neuberger, the White House deputy national security advisor for cyber and emerging technologies, speaking to the Munich Cyber Security Conference yesterday, said that despite the success of the FBI takedown of ALPHV/BlackCat in December, the pace and frequency of such actions is not enough “to raise the cost for would-be attackers… To be more effective, the battle against ransomware actors needs to be more layered than it is now.” The Munich Cyber Security Conference, which kicked off yesterday, runs through to the 18th. It is considered by some to be the Davos of security.

(The Record)

Gold Pickaxe malware steals your face

This iOS and Android trojan uses social engineering to “trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access.” According to security firm Group-IB, the attacks are currently occurring in Thailand and Vietnam and are products of a Chinese threat group known as GoldFactory. In this particular scenario, victims are approached through messages impersonating government authorities or services, prompting them to download fraudulent apps, such as “a fake ‘Digital Pension’ app hosted on websites impersonating Google Play.”

(Bleeping Computer)

US puts bounty on ALPHV/Blackcat associates

The U.S. Department of State yesterday announced reward offers of up to $10 million for information leading to the identification or location of leaders of the group behind the ALPHV/Blackcat ransomware variant, as well as rewards of up to $5 million for information leading to the arrest or conviction of those participating in or conspiring or attempting to participate in a ransomware attack using the ALPHV/Blackcat variant. This follows up on the December takedown of the group’s operations. The announcement says that “over 1,000 victim entities globally have been compromised by ALPHV/Blackcat actors.”

(Department of State press release and Department of State Reward Notice)


Zoom patches critical privilege elevation flaw in Windows apps

This flaw affects a range of Zoom Windows-based product versions and carries a CVSS score of 9.1. According to Bleeping Computer, the notification sent out by Zoom’s own security team “does not specify how it could be exploited or what the repercussions might be, but … could involve clicking a link, opening a message attachment, or performing some other action that the attacker could leverage.” It is recommended that users update to the latest release of the desktop client for Windows, version 5.17.7. A link to the Bleeping Computer story along with all the CVE numbers and products involved is available in the show notes to this episode.

(Bleeping Computer)

FTC promises trouble when privacy policies get changed for AI data mining

In a blog post, the FTC’s Division of Privacy and Identity stated that “companies may be tempted to mine their own user base for pre-existing data to feed AI models despite having privacy and security policies on the books prohibiting the practice.” It points out that AI companies are a particular focus, and states, “market participants should be on notice that any firm that reneges on its user privacy commitments risks running afoul of the law.” The commission promises to pursue companies that share consumers’ data with third parties or that use the data for AI training, but who “only inform consumers of this change through a surreptitious, retroactive amendment to its terms of service or privacy policy.”

(The Record)

Aircraft engine leasing company acknowledges cyberattack

Reporting to the Securities and Exchange Commission, the company, Willis Lease Finance Corp., which leases jet engines to commercial airlines, stated that a cybersecurity incident took its systems offline on January 31. Willis has not stated which group was responsible, but the Black Basta ransomware group has already claimed that it stole 910GB of company data related to the aviation company’s customers, staff, and HR department, among other data types, and posted samples of documents on its leak site.

(Dark Reading)

23andMe blames users for data breach

In the ongoing saga of last October’s data breach that affected nearly seven million people, and which has spawned a class action lawsuit on behalf of certain members of specific genetic heritage groups, the company now states that its members are actually to blame. According to The Guardian, 23andMe sent a letter to the customers who were taking legal action, stating “the information that was potentially accessed cannot be used for any harm,” and then placed blame on users themselves who “negligently recycled and failed to update their passwords.” Experts such as Barbara Prainsack, a professor of comparative policy at the University of Vienna and a 23andMe customer, described the company as having had a long time to establish data breach protocols, continuing, “this is almost a textbook case of how things should not be done.” She added that blaming consumers for their own relatively minor security lapses is “morally and politically very dumb.” It should be noted that 23andMe, which New York Magazine writer Lisa Miller calls “The Google of Spit,” now requires two-factor authentication for all users.

(The Guardian and New York Magazine)
