The US Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have warned about Iranian threat actors targeting the email accounts of individuals associated with national political organizations and campaigns. According to the agencies' joint advisory, threat actors linked to the Iranian Government's Islamic Revolutionary Guard Corps (IRGC) have targeted government officials, activists, journalists, lobbyists, and more to incite conflict and undermine confidence in US democracy.

Apple's new iPhone mirroring feature has a privacy flaw. Cybersecurity researchers at Sevco found the bug, which allows personal apps on an iPhone to be listed in a company's software inventory when the feature is used on work computers, posing a major privacy risk for employees. This flaw could expose an employee's use of a Virtual Private Network (VPN), dating apps, health apps, and more. This article continues to discuss the root and potential risks of Apple's iPhone mirroring flaw.

The United Nations Office on Drugs and Crime (UNODC) examined Artificial Intelligence (AI) threats in its latest report on cybercrime in Southeast Asia. Cybercriminals have been using generative AI (GenAI) to produce phishing messages in different languages, manipulative chatbots, mass disinformation on social media, and fake documents to get around Know-Your-Customer (KYC) checks. They have also been using it for polymorphic malware that can dodge security software. However, AI-powered cyberattacks involving deepfakes have grown increasingly popular.

According to F5, 70 percent of customer-facing Application Programming Interfaces (APIs) are HTTPS-secured, leaving nearly one-third unprotected. The average organization manages 421 APIs, mostly in public cloud environments. The security model must cover inbound and outbound API traffic as APIs increasingly connect to AI services such as OpenAI. Current practices prioritize inbound traffic, leaving outbound API calls vulnerable. This article continues to discuss the vulnerability of customer-facing APIs and the problem of divided responsibility for API security within organizations.

The UK government has recently launched a new competition designed to encourage young people to pursue careers in cybersecurity.  The UK Cyber Team Competition is open to 18–25-year-olds, who will undertake hands-on cyber exercises designed to push their technical expertise and problem-solving abilities.  According to the government, the competition will include simulations of real-world scenarios in areas like cryptography, digital forensics, web exploitation, and network security, designed to mirror the day-to-day challenges cybersecurity professionals face.

ADT recently announced that an unauthorized party stole encrypted internal data related to employee user accounts.

Security researchers at Barracuda have discovered a new generation of QR code phishing (quishing) attacks.  The researchers found that there are new techniques that have been designed to evade traditional security defenses by including QR codes built from text-based ASCII/Unicode characters rather than the standard static image.  The researchers noted that this tactic is designed to evade optical character recognition (OCR)-based defenses.  In an email, it will look like a traditional QR code.  To a typical OCR detection system, it appears meaningless.

The Australian government recently introduced the country's first standalone cybersecurity law to Parliament.  The new legislation aims to better protect citizens and organizations against a heightened geopolitical and cyber threat environment.  The Cyber Security Bill 2024 covers many areas, including mandating minimum cybersecurity standards for IoT devices and mandatory ransomware reporting for critical infrastructure organizations.

Microsoft has recently patched two zero-day bugs under active exploitation and three that were publicly disclosed in this month’s Patch Tuesday update round.  The first exploited zero-day bug is CVE-2024-43572, a remote code execution (RCE) vulnerability in the Microsoft Management Console with a CVSS score of 7.8.  Threat actors could pair it with phishing, privilege escalation, or network propagation attacks to achieve data exfiltration, lateral movement, system compromise, and deployment of backdoors.

A new automated tool created by cybersecurity researcher Marcus Hitchins helps security professionals scan environments for devices vulnerable to the Common Unix Printing System (CUPS) Remote Code Execution (RCE) flaw disclosed by Simone Margaritelli. The flaw enables arbitrary RCE under certain conditions. Akamai later showed that the flaw allowed for 600x amplification in Distributed Denial-of-Service (DDoS) attacks. This article continues to discuss the CUPS RCE flaw and the tool developed by Hitchins to scan environments for devices exposed to CUPS RCE attacks.