According to Symantec, the "Black Basta" ransomware group may have exploited a recently patched Windows privilege escalation vulnerability. The Windows error reporting service privilege escalation vulnerability allows an attacker to gain system privileges. Symantec found evidence that the Black Basta group may have exploited this vulnerability as a zero-day. The company discovered a tool that exploits the flaw to start a shell with administrative privileges.

Fortinet recently announced patches for multiple vulnerabilities in FortiOS and other products, including several flaws leading to code execution.  The most severe vulnerability is CVE-2024-23110 (CVSS score of 7.4), which collectively tracks multiple stack-based buffer overflow security defects in the platform’s command line interpreter.  Successful exploitation of the high-severity flaw may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.

GuidePoint Security has discovered that the "Scattered Spider" cybercrime group is an affiliate of the "RansomHub" Ransomware-as-a-Service (RaaS) operator. Based on observed tactics, techniques, and procedures (TTPs), the researchers believe that at least some of Scattered Spider, a former ALPHV/BlackCat affiliate, is now running ransomware with RansomHub. This article continues to discuss Scattered Spider's link to RansomHub.

NYU Tandon School of Engineering researchers are proposing new measurement methods to better identify and quantify flaws in popular web browser extensions that are supposed to protect user privacy and block online ads. The team analyzed over 40,000 user reviews of seven popular privacy-preserving Chrome extensions. The researchers found five major user concerns: performance, web compatibility, data and privacy policy, effectiveness, and default configurations. They found a gap between user expectations and what the extensions actually provide.

Authorities in the UK recently made two arrests in an investigation into a large smishing campaign relying on an illegal phone mast.  The suspects were located in Manchester and London and allegedly used a homemade mobile antenna to send thousands of phishing SMS messages to unsuspecting individuals.  The police noted that the messages were crafted to mimic those of banks and other official organizations, and the illegal SMS blaster allowed the perpetrators to bypass the protections put in place by mobile phone networks to block suspicious text messages.

According to a new study by Bitdefender, over 70% of cybersecurity professionals often have to work weekends to address security concerns in their organizations.  The company noted that this intense workload appears to correlate strongly with job dissatisfaction, with around two-thirds (64%) of the 1200 cyber professionals surveyed stating that they are planning on looking for a new job in the next 12 months.  In the US, the figures were 70.2% (work weekends) and 62.2% (looking for a new job), respectively.

MITRE says the next presidential administration must prepare the US for quantum computing that can outperform current encryption methods. In a recent advisory document, MITRE calls on the next presidential administration to prioritize quantum computing advances, critical infrastructure protections, cyber leadership roles, and implementing a Zero Trust (ZT) framework for the federal government. Current cryptographic systems use complex mathematical algorithms that traditional computers find difficult to solve.

The University of Arkansas is leading a collaborative effort with several universities, laboratories, and industry partners to strengthen solar inverter cybersecurity as part of a US Department of Energy (DOE) project. Solar inverters are key in the conversion of the Direct Current (DC), generated by solar panels, into Alternating Current (AC) for households and the energy grid. However, as the solar energy landscape evolves, so do cybersecurity threats. This article continues to discuss the project aimed at bolstering the cybersecurity measures of solar inverters.

A ransomware attack on the pathology and diagnostic services provider Synnovis, which disrupted operations at several London healthcare organizations, has prompted the UK National Health Service (NHS) to issue an urgent call for O-type blood donations. A ransomware attack forced affected hospitals to cancel some procedures and redirect patients. The Qilin ransomware gang is believed to have been behind the attack. This article continues to discuss the UK NHS issuing an urgent call for O-type blood donations following the recent ransomware attack that hit several London hospitals.  

Abnormal Security found that hacking groups still prefer phishing. In its latest report, "Email Security Threats in Europe: Insights into Attack Trends," the email security provider discovered that phishing attacks targeting organizations in Europe rose 112.4 percent between April 2023 and April 2024. The US saw a 91.5 percent increase. Business Email Compromise (BEC) is rising, with BEC attacks faced by US businesses increasing by 72.2 percent and by 123.8 percent for European businesses. This article continues to discuss key findings from Abnormal Security on email security threats.