"Critical SonicWall SSLVPN Bug Exploited By Ransomware Actors"

SonicWall customers are urged to patch a critical firewall vulnerability that security researchers say is being exploited in ransomware attacks. The improper access control vulnerability in the SonicWall SonicOS management access and SSLVPN could enable unauthorized resource access and crash the firewall. This article continues to discuss the active exploitation of the critical improper access control vulnerability in ransomware attacks.

Submitted by grigby1 CPVI on

"Intel Informs Customers About Over a Dozen Processor Vulnerabilities"

Intel has released four new advisories, one of which addresses 11 vulnerabilities impacting Unified Extensible Firmware Interface (UEFI) firmware for some server, workstation, mobile, and embedded processors. Over half of the security flaws have received a high severity rating as they can cause local privilege escalation, Denial-of-Service (DoS) attacks, or information disclosure. This article continues to discuss Intel's new advisories regarding 20 vulnerabilities impacting processors and other products.

Submitted by grigby1 CPVI on

"Crypto Scams Reach New Heights, FBI Reports $5.6bn in Losses"

With over 69,000 financial fraud and cryptocurrency complaints received by the Federal Bureau of Investigation's (FBI) Internet Crime Complaint Center (IC3) in 2023, cryptocurrency losses totaled over $5.6 billion. Overall, cryptocurrency scam losses rose 45 percent since 2022. Losses from cryptocurrency-related investment fraud schemes increased from $2.57 billion in 2022 to $3.96 billion in 2023, a growth of 53 percent. Phishing scams made up more than $9 million in losses, and Business Email Compromise (BEC) connected to cryptocurrency saw losses of over $4 million.

Submitted by grigby1 CPVI on

"New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks"

Mordechai Guri of the Ben-Gurion University of the Negev in Israel introduces a new side-channel attack called "RAMBO," which is short for "Radiation of Air-gapped Memory Bus for Offense." It uses radio signals emanated by a device's Random Access Memory (RAM) to exfiltrate data. According to Dr. Guri, with software-generated radio signals, malware can encode biometric information, encryption keys, and other sensitive information. An attacker can intercept transmitted raw radio signals from a distance using Software-Defined Radio (SDR) hardware and a commercially available antenna.

Submitted by grigby1 CPVI on

"PIXHELL Attack Allows Air-Gap Jumping via Noise From Screens"

A new data exfiltration method named "PIXHELL," discovered by Mordechai Guri of the Ben-Gurion University of the Negev in Israel, uses noise generated by the pixels on the screen. The PIXHELL attack involves planting malware on an air-gapped computer to steal data. This can be done with social engineering, supply chain attacks, or malicious insiders. This article continues to discuss the PIXHELL attack that uses noise generated by pixels on a screen to exfiltrate data from air-gapped computers.

Submitted by grigby1 CPVI on

"Applications Are Open for IoT Device Cyber Certifiers"

The Federal Communications Commission (FCC) is accepting applications for administrator roles on a voluntary cybersecurity labeling program to help consumers purchase products less vulnerable to cyberattacks. Those serving as administrators would be authorized to certify the label's use. Accredited research labs will handle device compliance testing. The logo would be on Internet of Things (IoT) products that meet baseline cyber standards. It would be placed together with a QR code that users can scan for more information on the product's security features.

Submitted by grigby1 CPVI on

"Chrome 128 Update Resolves High-Severity Vulnerabilities"

Google recently announced a new Chrome 128 update that addresses five vulnerabilities, including four reported by external researchers.  Google noted that all four externally reported flaws are high-severity memory safety issues that were reported in late August.  The first vulnerability, tracked as CVE-2024-8636, is a heap buffer overflow bug in Skia, the open-source 2D graphics library that serves as the graphics engine in the browser.  Next is CVE-2024-8637, a use-after-free security defect in Media Router.

Submitted by Adam Ekwall on

"Data Breach at Golf Course Management Firm KemperSports Impacts 62,000"

Golf course management and hospitality company KemperSports Management recently disclosed a data breach impacting the personal information of tens of thousands of individuals.  The company said it became aware of suspicious activity on its network on April 1, 2024.  An investigation revealed that a threat actor had gained access to systems storing personal information, including names and Social Security numbers.  KemperSports told the AG that the data breach impacted more than 62,000 individuals.

Submitted by Adam Ekwall on

"Adobe Patches Critical, Code Execution Flaws in Multiple Products"

Software maker Adobe recently released patches for at least 28 documented security vulnerabilities in a wide range of products and warned that both Windows and macOS users are exposed to code execution attacks.  The most urgent issue, affecting the widely deployed Acrobat and PDF Reader software, covers two memory corruption vulnerabilities that could be exploited to launch arbitrary code.

Submitted by Adam Ekwall on

"Highline Public Schools Forced to Close By Cyberattack"

A group of schools in Washington State has been forced to close for at least two days following a cyberattack.  Highline Public Schools has more than 17,500 students in grades K-12.  The district has 34 schools and 2,000 staff.  Highline Public Schools is working closely with third-party, state, and federal partners to safely restore and test its systems.  Staff at Highline have been told not to use district-issued computers and laptops as a precaution, and Highline said it has disconnected its network from the internet.

Submitted by Adam Ekwall on