🚨 Week 23 Highlight - TikTok Zero-Day, Microsoft Recall Nightmare, NHS Hospital Cyberattack, Fake Bahrain Government App, Snowflake breach could be the largest data breach and more

🚀 Stay Ahead of the Curve: Cutting-Edge Innovations and Evolving Threat Landscape!

Hello Cybersecuriters! 🤖

Welcome to this week's cybersecurity newsletter! If you would like to be a sponsor, please get in touch with us at [email protected].

This week, we're spotlighting major vulnerabilities, high-profile breaches, and the latest threat intelligence that could impact your organization.

In our Malware and Vulnerabilities section, learn about the Cisco Webex cloud vulnerability affecting organizations worldwide, the TikTok zero-day bug fix that protected high-profile accounts, and the exposure of a fake Bahrain government app designed to steal personal data. We also cover the emergency patches released for Zyxel NAS devices, addressing critical flaws that have been present for months.

Our Breaches and Incidents section reveals the impact of a cyberattack that has paralyzed major London businesses, Google's exposure of thousands of privacy incidents, and a significant breach at Ticketmaster highlighting SaaS data security risks. We share some details around the loss of $308 million in a massive unauthorized leak at DMM Bitcoin and the latest insights on emerging cyber threats.

In Threat Intel & Info Sharing, discover how the TotalRecall exploit abuses Windows vulnerabilities, NIST's new AI risk guides essential for developers and CISOs, and Europol's major bust of a money mule network laundering over €10 million. We also highlight Denmark's raised threat level for destructive cyber attacks and Snowflake's alert on targeted credential attacks.

Finally, our Laws, Policies, and Regulations section covers CISA extending the comment period for new cyber rules, Singapore's updated cybersecurity regulations putting cloud providers on high alert, and the latest tools for DORA implementation to enhance digital operational resilience in financial institutions.

💻 Malware and Vulnerabilities

  • Cisco Webex Cloud Vulnerability Alert: Patch Now to Stay Safe!: The vulnerability affected all organizations 'that have a domain such as organisationsname.webex.com,' according to Netzbegrünung.

  • TikTok Zero-Day Bug Fixed: High-Profile Accounts No Longer at Risk: As Forbes reported, the exploit used by the attackers to hack the accounts via DMs only needs the targets to open the malicious message and doesn't require downloading a payload or clicking embedded links.

  • Fake Bahrain Government App Exposed: Protect Your Data from Financial Fraud: McAfee Mobile Research Team found an InfoStealer Android malware pretending to be a government agency service in Bahrain.

  • Zyxel NAS Devices: Emergency Patches Released – Update Immediately: Zyxel just released security fixes for two of its obsolete network-attached storage (NAS) devices after an intern at a security vendor reported critical flaws months ago.

📈 Breaches and Incidents

  • Cyberattack Paralyzes Major London Businesses - City in Crisis: Hospitals in London are struggling to deliver pathology services after a ransomware attack at a service partner downed some key systems.

  • Google Leak Exposes Thousands of Privacy Incidents: Your Data at Risk: An internal Google database obtained by 404 Media shows Google recording children's voices, saving license plates from Street View, and many other self-reported incidents, large and small.

  • Chinese Cyber Threats: Triple Attack Targets High-Profile Asian Governments: "Operation Crimson Palace" performed specialized tasks in a broader cyberattack chain, likely under the watch of a single organization.

  • Ticketmaster Breach Highlights Alarming SaaS Data Security Risks: MFA and other mechanisms are critical to protect against unauthorized access to data in cloud application environments, but businesses still fall down on the job.

  • DMM Bitcoin Loses $308 Million in Massive Unauthorized Leak: Japanese crypto exchange DMM Bitcoin has announced that it has lost 4,502.9 BTC ($308 million) in an "unauthorized leak".

  • Dark Web Informer: Latest Insights on Emerging Cyber Threats: A threat actor allegedly has leaked data belonging to Shell dated May 2024.

🚨 Threat Intel & Info Sharing

  • TotalRecall Exploit: Windows Vulnerability Abuse Exposed: Ethical hacker Alexander Hagenah has created TotalRecall, a tool that demonstrates how malicious individuals could abuse Windows’ newly announced Recall feature to steal sensitive information.

  • NIST's New AI Risk Guides: Essential Reads for Developers and CISOs: Companion publications to NIST’s AI Risk Management Framework explore a long worry list in more detail and are likely to become essential reading for security professionals.

  • FBI Warns: Surge in Online Scams Targeting Vulnerable Americans: The FBI warns of scammers offering victims fake work-from-home jobs, typically involving a relatively simple task, such as rating restaurants or "optimizing" a service by repeatedly clicking a button.

  • Europol's Major Bust: Money Mule Network Laundered Over €10 Million: Europol has supported a large-scale operation led by Italian and Portuguese authorities against two networks of money-mule recruiters working for a criminal organisation carrying out cryptocurrency scams. Law enforcement from Austria, France, Germany, Romania, Spain and Switzerland were also involved in the investigation, as well as Eurojust.

  • Denmark Raises Threat Level for Destructive Cyber Attacks: In light of the threat, CFCS calls on Danish authorities and socially important companies to strengthen cyber preparedness.

  • Snowflake Alert: Targeted Credential Attacks on the Rise: Cloud computing and analytics company Snowflake said a "limited number" of its customers have been singled out as part of a targeted campaign.

⚖️ Laws, Policies, and Regulations

  • CISA Extends Comment Period for New Cyber Rule: Have Your Say: The Cybersecurity and Infrastructure Security Agency will prolong the comment period for new regulations under the Cyber Incident Reporting for Critical Infrastructure Act for another month after requests from the energy and information technology sectors.

  • Singapore's Cybersecurity Update Puts Cloud Providers on High Alert: The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.

  • DORA Implementation: New Templates and Tools for Financial Institutions: The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) today published templates, technical documents and tools for the dry run exercise on the reporting of registers of information in the context of the Digital Operational Resilience Act (DORA) announced in April 2024.

  • AI-Driven Cyber Defense: A Breakthrough in Battling Online Threats: Most fake news on Twitter (now X) is spread by an extremely small population called supersharers. They flood the platform and unequally distort political debates, but a clear demographic portrait of these users was not available.

  • DarkGate Malware Strikes Again: Now More Dangerous Than Ever: During 2023, DarkGate made a comeback with a version full of new features, becoming one of the most preferred Remote Access Trojans (RATs) by malicious actors.

We hope you enjoyed your weekly digest! ☕🥮 If you want to sponsor our next edition or advertise on our site, drop us an email at [email protected].

Thank you for being a part of our newsletter community. You can also join our Discord Community or our LinkedIn Group.