Microsoft has recently patched two zero-day bugs under active exploitation and three that were publicly disclosed in this month’s Patch Tuesday update round.  The first exploited zero-day bug is CVE-2024-43572, a remote code execution (RCE) vulnerability in the Microsoft Management Console with a CVSS score of 7.8.  Threat actors could pair it with phishing, privilege escalation, or network propagation attacks to achieve data exfiltration, lateral movement, system compromise, and deployment of backdoors.

A new automated tool created by cybersecurity researcher Marcus Hitchins helps security professionals scan environments for devices vulnerable to the Common Unix Printing System (CUPS) Remote Code Execution (RCE) flaw disclosed by Simone Margaritelli. The flaw enables arbitrary RCE under certain conditions. Akamai later showed that the flaw allowed for 600x amplification in Distributed Denial-of-Service (DDoS) attacks. This article continues to discuss the CUPS RCE flaw and the tool developed by Hitchins to scan environments for devices exposed to CUPS RCE attacks.

Katina Michael, a professor in the School for the Future of Innovation in Society and School of Computing and Augmented Intelligence at Arizona State University, calls for better measures to secure sensitive biometric data. Biometric data refers to the unique physical characteristics of a person, including voice, fingerprint, palm, face, and DNA. Such data can help hackers carry out cybercriminal activities. This article continues to discuss Michael's insights and recommendations regarding cybersecurity and privacy for biometrics.

"Q-Day," when quantum computers can break existing cryptographic algorithms, is predicted to happen within the next decade, leaving digital information vulnerable under current encryption protocols. Post-Quantum Cryptography (PQC) is one of the top priorities for the security community as it works to build and implement encryption capable of withstanding post-quantum threats and attacks. This article continues to discuss the latest efforts aimed at helping with the creation, development, and migration to PQC.

Users looking for game cheats are being tricked into downloading Lua-based malware that can establish persistence on infected systems and deliver additional payloads. Morphisec researcher Shmuel Uzan explained that these attacks take advantage of the popularity of Lua gaming engine supplements. This malware strain is widely distributed throughout North America, South America, Europe, Asia, and Australia. This article continues to discuss the delivery of Lua-based malware through fake cheating script engines.

DataDome's "2024 Global Bot Security Report" found that 95 percent of advanced bot attacks go undetected, emphasizing the need for better detection and mitigation strategies. Some organizations may have basic defenses but need to prepare for more sophisticated attacks involving Artificial Intelligence (AI) and Machine Learning (ML). Recent statistics show that organizations must prioritize and strengthen security against bot attacks. According to DataDome, 65 percent of websites are vulnerable to bot attacks. This article continues to discuss recent findings regarding bot attacks.

"GoldenJackal," an Advanced Persistent Threat (APT) hacking group, successfully breached air-gapped government systems in Europe. The APT group used two custom toolsets to steal sensitive data such as emails, encryption keys, images, archives, and documents. According to ESET, this occurred at least twice against the embassy of a South Asian country in Belarus and a European government organization. This article continues to discuss new findings regarding GoldenJackal's attacks on air-gapped government systems. 

According to the security vendor Egress, phishing attempts increased 28 percent in the second quarter of the year as threat actors gained new tools. An analysis of phishing kits offered for sale on the dark web found that 75 percent advertised Artificial Intelligence (AI) capability. This article continues to discuss findings regarding the rise in phishing attacks.

SC Media reports "Phishing Attacks Armed With AI Capabilities Are on the Rise"

Submitted by grigby1

The 2024 "Tenable Cloud Risk Report" found that 38 percent of organizations worldwide face critical exposures due to a mix of security gaps in modern cloud environments. The report identified a "toxic cloud triad" of publicly exposed, critically vulnerable, and highly privileged cloud workloads that put these companies at risk. This triad makes them vulnerable to cyberattacks that could disrupt applications, take over systems, and steal data. This article continues to discuss key findings regarding cloud security risks.