Google Urgently Patches Actively Exploited Chrome Zero-Day Vulnerability
Microsoft Patches 97 Flaws, Including Active Ransomware Exploit
Microsoft has released security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks. Seven bugs are rated Critical and 90 are rated Important in severity. The actively exploited flaw is CVE-2023-28252, a privilege escalation bug in the Windows Common Log File System (CLFS) Driver. Russian cybersecurity firm Kaspersky reported that the vulnerability has been weaponized by a cybercrime group to deploy Nokoyawa ransomware against small and medium-sized businesses in the Middle East, North America, and Asia.
Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen
Open-source media player software provider Kodi confirmed a data breach after threat actors stole the company’s MyBB forum database containing user data and private messages. The threat actors attempted to sell the data dump, comprising 400,635 Kodi users, on the now-defunct BreachForums cybercrime marketplace. Kodi stated that there is no evidence of unauthorized access to the underlying server hosting the MyBB software, suggesting credential theft. Users are advised to change their passwords on other sites if the same password has been used.
New Python-Based “Legion” Hacking Tool Emerges on Telegram
A new Python-based credential harvester and hacking tool named Legion is being marketed via Telegram for threat actors to break into various online services for further exploitation. Legion includes modules for SMTP server enumeration, remote code execution attacks, and exploits for unpatched Apache versions. The malware’s primary goal is to enable threat actors to hijack the services and weaponize the infrastructure for follow-on attacks, including mass spam and opportunistic phishing campaigns.
WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks
WhatsApp has announced a new account verification feature called Device Verification to prevent account takeover attacks. This security measure is designed to block threat actors’ connections and allow targets of malware infections to use the app without interruption. The feature is part of a broader set of new enhancements that authenticate and verify users’ identities, including displaying alerts when there is an attempt to migrate a WhatsApp account from one device to another.
Google Launches Cybersecurity Initiatives to Strengthen Vulnerability Management
Google has outlined several initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. The company is forming a Hacking Policy Council to ensure new policies and regulations support best practices for vulnerability management and disclosure. Google also emphasized its commitment to publicly disclose incidents when it finds evidence of active exploitation of vulnerabilities across its product portfolio.