CyberSecurity Knuggets

Apr 17, 2024

Today, I came across several critical cybersecurity issues that demand immediate attention. Firstly, there is a security flaw in the Lighttpd web server used in baseboard management controllers from device vendors like Intel and Lenovo. This flaw remains unpatched and could lead to serious vulnerabilities in these systems. Additionally, there has been an attempt to insert a secret backdoor into XZ Utils, targeting at least three different JavaScript projects, posing a significant threat to their security.

There is also news of a new ransomware and extortion gang called RansomHub, which has published sensitive patient records stolen during a ransomware attack on Change Healthcare. This highlights the urgent need for enhanced security measures to protect sensitive healthcare data. Furthermore, a Nebraska man has been arrested for running a “cryptojacking” operation, demonstrating the ongoing threat of cybercriminal activity.

Other concerning issues include the theft of VoIP and SMS logs for multi-factor authentication messages, the unresponsiveness of Chirp Systems to a remotely exploitable vulnerability in their smart locks, and the proposed order from the US Federal Trade Commission for telehealth company Cerebral to limit the consumer health data it uses for advertising purposes and pay over $7 million for privacy violations. These incidents emphasize the need for strengthened cybersecurity measures and increased vigilance in protecting sensitive data.

In addition, a security flaw in PAN-OS versions 10.2.9-h1, 11.0.4-h1, and 11.1.2-h3 could be exploited by attackers without user interaction and needs immediate attention to prevent exploitation by threat actors. Furthermore, a report stating that 49.6% of all internet traffic in 2023 came from bots, with a significant portion being bad bots, underscores the need for proactive measures to mitigate the impact of bot attacks.

The National Security Agency released a set of best practices for deploying AI systems securely, emphasizing the growing importance of securing AI systems and the need for organizations to prioritize AI security. Lastly, the critical flaw in PuTTY that allows for secret key recovery and the breach at Cisco that led to the unauthorized access of customers’ Duo MFA SMS message logs highlight the continued need for organizations to prioritize cybersecurity and implement robust security measures.

Stay Well!