"ICQ Messenger shuts down after almost 28 years."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 26 May 2024, 1345 UTC.

Content and Source:  https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895/Security News Bundle.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net),

Security News Bundle

64

MOST POPULAR

ICQ messenger shuts down after almost 28 years

ICQ shutting down on June 26

•

2KBleepingComputer / 1d

The ICQ messaging app is shutting down on June 26th, marking the end of a much-beloved communication application. [...]

Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs / 1h

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fake AV websites used to distribute info-stealer malware MITRE December 2023 attack: Threat actors created rogue VMs to evade detection An XSS fla

Man behind deepfake Biden robocall indicted on felony charges, faces $6M fine

Political consultant indicted for deep-faked

•

28The Register – Security / 1d

FCC wants to hit this political genius with first-of-a-kind punishment The political consultant who admitted paying $150 to create a deepfake anti-Biden robocall has been indicted on charges of felony voter suppression and misdemeanor impersonation of a candidate.…

YESTERDAY

Malware-laced JAVS Viewer deploys RustDoor implant in supply chain attack

IoC > 2 hashes

•

Security Affairs / 9h

•

6 TTPs

•

JAVS Viewer compromised in supply chain attack

Malicious actors compromised the JAVS Viewer installer to deliver the RustDoor malware in a supply chain attack. Rapid7 researchers warned that threat actors added a backdoor to the installer for the Justice AV Solutions JAVS Viewer software. The attackers were able to inject a backdoor in the JAVS Viewer v8.3.7 installer that is being distributed from the JAVS’ servers. Justice AV Solutions (JAV

Arc browser’s Windows launch targeted by Google ads malvertising

2 TTPs

•

68BleepingComputer / 14h

A new Google Ads malvertising campaign, coinciding with the launch of the Arc web browser for Windows, was tricking people into downloading trojanized installers that infect them with malware payloads. [...]

Indian man stole $37 million in crypto using fake Coinbase Pro site

2 TTPs

•

45BleepingComputer / 14h

•

Indian national Chirag Tomar pleads guilty to

An Indian national pleaded guilty to wire fraud conspiracy for stealing over $37 million through a fake Coinbase website used to steal credentials. [...]

Cencora data breach exposes US patient info from 11 drug companies

Cencora notifies Americans of data breach

•

BleepingComputer / 14h

Some of the largest drug companies in the world have disclosed data breaches due to a February 2024 cyberattack at Cencora, whom they partner with for pharmaceutical and business services. [...]

Fake AV websites used to distribute info-stealer malware

IoC > 3 domains

•

Security Affairs / 15h

•

2 TTPs

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. In mid-April 2024, researchers at Trellix Advanced Research Center team spotted multiple fake AV sites used to distribute info-stealers. The malicious websites hosted sophisticated malicious files such as APK, EXE and Inno setup installer, including Sp

Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data

83The Hacker News / 1d

Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence (AI)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. "Exploitation of this vulnerability would have allowed unauthorized access to the AI prompts and results of all Replicate's platform customers,"

MITRE December 2023 attack: Threat actors created rogue VMs to evade detection

7 TTPs

•

Security Affairs / 1d

•

MITRE cyber attack by hackers

The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update about the December 2023 attack . In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks. The security team at the organization promptly launched an investigation, lo

MAY 24, 2024

Hacker defaces spyware app’s site, dumps database and source code

2 TTPs

•

86BleepingComputer / 1d

•

Spyware found on Wyndham hotels

​​A hacker has defaced the website of the pcTattletale spyware application, found on the booking systems of several Wyndham hotels in the United States, and leaked over a dozen archives containing database and source code data. [...]

Best Buy and Geek Squad were most impersonated orgs by scammers in 2023

Best Buy most impersonated company

•

The Register – Security / 1d

But criminals posing as Microsoft workers scored the most ill-gotten gains The Federal Trade Commission (FTC) has shared data on the most impersonated companies in 2023, which include Best Buy, Amazon, and PayPal in the top three.…

An XSS flaw in GitLab allows attackers to take over accounts

Account Manipulation (Enterprise T1098)

•

Security Affairs / 1d

GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked as CVE-2024-4835 , that allows attackers to take over user accounts. An attacker can exploit this issue by using a specially crafted page to exfiltrate sensitive user information. The vulnerability impac

Potent youth cybercrime ring made up of 1,000 people, FBI official says

CyberScoop / 1d

An aggressive, nebulous ring of young cybercriminals linked to a string of recent high-profile breaches is made up of approximately 1,000 people, a senior FBI official said Friday. In remarks Friday at the cybercrime-focused Sleuthcon conference, Bryan Vorndran, assistant director of the FBI’s Cyber Division, described the group best known as Scattered Spider as a “very, very large, expansive, di

Suspected supply chain attack backdoors courtroom recording software

10 TTPs

•

The Register – Security / 1d

An open and shut case, but the perps remain at large – whoever they are Justice is served… or should that be saved now that audio-visual software deployed in more than 10,000 courtrooms is once again secure after researchers uncovered evidence that it had been backdoored for weeks.…

Microsoft: Windows 24H2 will remove Cortana and WordPad apps

Windows 11 24H2 update previewed

•

1KBleepingComputer / 1d

Microsoft says the Cortana, Tips, and WordPad applications will be automatically removed on systems upgraded to the upcoming Windows 11 24H2 release. [...]

The best VPN for streaming in 2024: Expert tested and reviewed

ZDNet | Security / 1d

We tested the best VPNs for streaming that can unblock popular streaming services like Netflix, Disney+, and Hulu, from anywhere in the world.

Microsoft's 'Recall' Feature Draws Criticism From Privacy Advocates

Microsoft launches Recall tool for Windows 11

•

Dark Reading / 1d

Despite Microsoft's reassurances, multiple security researchers describe the technology as problematic for users and their organizations.

Research From Claroty's Team82 Highlights Remote Access Risks Facing Mission-Critical OT Assets

Claroty reveals OT asset risks

•

Dark Reading / 1d

[no content]

Microsoft Copilot fixed worldwide after 24 hour outage

Microsoft outage affects Bing

•

400+BleepingComputer / 1d

After over a 24-hour outage, Microsoft's Bing, Copilot, and Copilot in Windows services are back online worldwide, with no information released as to what caused the problem. [...]

Apple explains why iOS 17.5 restored your deleted photos - and what you can do now

iOS 17.5 glitch resurfaces deleted photos

•

ZDNet | Security / 1d

Here's how iPhone and iPad users can make sure that deleted images are absolutely, positively gone forever.

Attempts to Regulate AI’s Hidden Hand in Americans’ Lives Flounder in US Statehouses

Colorado passes groundbreaking AI law

•

SecurityWeek / 1d

Only one of seven bills aimed at preventing AI’s penchant to discriminate when making consequential decisions — including who gets hired, money for a home or medical care — has passed. The post appeared first on SecurityWeek .

AI Voice Generator App Used to Drop Gipy Malware

2 TTPs

•

Dark Reading / 1d

•

Malware disguises as AI tools

Users get duped into downloading malicious files disguised to look like an application that uses artificial intelligence to alter voices.

Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack

6 TTPs

•

95The Hacker News / 1d

The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the threat actor creating rogue virtual machines (VMs) within its VMware environment. "The adversary created their own rogue VMs within the VMware environment, leveraging compromised vCenter Server access,"

Cencora data breach exposes US patient info from 8 drug companies

Cencora notifies Americans of data breach

•

33BleepingComputer / 1d

Some of the largest drug companies in the world have disclosed data breaches due to a February 2024 cyberattack at Cencora, whom they partner with for pharmaceutical and business services. [...]

The best VPN services for iPhone and iPad in 2024: Expert tested and reviewed

80ZDNet | Security / 1d

We went hands-on with the best VPNs for your iPhone and iPad to find the best iOS VPNs to help you stream content and surf the web while keeping your devices safe.

Google Discovers Fourth Zero-Day in Less Than a Month

24Dark Reading / 1d

The tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.

New ShrinkLocker ransomware uses BitLocker to encrypt your files

7 TTPs

•

400+BleepingComputer / 1d

•

Ransomware exploits BitLocker encryption

A new ransomware strain called ShrinkLocker creates a new boot partition to encrypt corporate systems using Windows BitLocker. [...]

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor

JAVS Viewer compromised in supply chain attack

•

Packet Storm Security / 1d

[no content]

Google Patches Fourth Chrome Zero Day In Two Weeks

Packet Storm Security / 1d

[no content]

London Drugs Waiting On LockBit's Next Move

London Drugs investigating potential data breach

•

Packet Storm Security / 1d

[no content]

Three-Year-Old Apache Flink Flaw Under Active Attack

Packet Storm Security / 1d

[no content]

Google fixes eighth actively exploited Chrome zero-day this year, the third in a month

Security Affairs / 1d

Google rolled out a new emergency security update to fix another actively exploited zero-day vulnerability in the Chrome browser. Google has released a new emergency security update to address a new vulnerability, tracked as CVE-2024-5274, in the Chrome browser, it is the eighth zero-day exploited in attacks disclosed this year. The vulnerability is a high-severity ‘type confusion’ in the V8 Java

When 'No' & 'Good Enough' Challenge Cybersecurity

Dark Reading / 1d

As the digital landscape evolves, these words must become an impetus for innovation and dialogue, not insurmountable barriers.

The SEC's SolarWinds Case: What CISOs Should Do Now

Dark Reading / 1d

The SEC's lawsuit may take years to resolve through litigation, but here are five things CISOs should do now to protect both themselves as individuals as well as their organizations.

Beware: These Fake Antivirus Sites Spreading Android and Windows Malware

IoC > 3 domains

•

100+The Hacker News / 1d

•

Input Capture (Mobile T1417)

Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. "Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor

4 TTPs

•

SecurityWeek / 2d

•

CVE-2024-4978

Backdoored JAVS courtroom recording and management software installer puts thousands at risk of complete takeover. The post appeared first on SecurityWeek .

Averlon Emerges From Stealth Mode With $8 Million in Funding

Averlon secures $10.5M funding

•

SecurityWeek / 2d

Averson secures seed funding to build technology that uses AI to identify cloud security weaknesses and counter cyberattacks. The post appeared first on SecurityWeek .

Almost all citizens of city of Eindhoven have their personal data exposed

Graham Cluley / 2d

A data breach involving the Dutch city of Eindhoven left the personal information related to almost all of its citizens exposed. And then they chose not to tell the affected 221,511 people about it. Read more in my article on the Hot for Security blog.

Future-Proof Your Cybersecurity AI Strategy

Dark Reading / 2d

An effective, long-term XDR strategy will address the ongoing need for rapid analysis and continual vetting of the latest threat intelligence.

Monetize Magnet – Understanding What This Crypto CPA Network Provides to Affiliate Marketers

IT Security Guru / 2d

The one thing that every affiliate marketer would want is to have an advanced and robust network by their side. It ensures that you have all the right tools and features to progress with your affiliate marketing efforts. How does it do that you may ask? Well, it allows you to find the right crypto CPA network and affiliate program. So, if you are looking for a robust network, then this Monetize M

CyberArk Goes All In on Machine Identity With Venafi Deal

CyberArk to acquire Venafi

•

Dark Reading / 2d

CyberArk's $1.54 billion agreement to buy Venafi is a sign of how human and machine identities will converge with certificate life cycle management.

In Other News: China’s Undersea Spying, Hotel Spyware, Iran’s Disruptive Attacks

SecurityWeek / 2d

Noteworthy stories that might have slipped under the radar: Chinese repair ships might be spying on undersea communications, spyware found at hotel check-ins, UK not ready for China threat. The post appeared first on SecurityWeek .

How Do Hackers Blend In So Well? Learn Their Tricks in This Expert Webinar

39The Hacker News / 2d

Don't be fooled into thinking that cyber threats are only a problem for large organizations. The truth is that cybercriminals are increasingly targeting smaller businesses, and they're getting smarter every day. Join our FREE