Information Security News 12-9-2024


FBI Tells Telecom Firms to Boost Security Following Wide-Ranging Chinese Hacking Campaign

Article Link: https://www.securityweek.com/fbi-tells-telecom-firms-to-boost-security-following-wide-ranging-chinese-hacking-campaign/

  • The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have urged telecommunications companies to strengthen their network defenses following a widespread cyber-espionage campaign by Chinese hackers, known as Salt Typhoon.
  • The malicious hackers infiltrated telecom networks to access metadata and, in some instances, the actual content of calls and texts, targeting individuals in government roles.
  • This breach has compromised sensitive communications, threatening personal privacy, national security, and trust in essential systems.
  • Authorities urge telecom firms to enhance their encryption, and are strongly advising the public to migrate toward using encrypted messaging apps.
  • Link to CISA’s Guide: https://www.cisa.gov/news-events/news/cisa-nsa-fbi-and-international-partners-publish-guide-protecting-communications-infrastructure 

Vodka Maker Stoli Files for Bankruptcy in U.S. After Ransomware Attack

Article Link: https://www.bleepingcomputer.com/news/security/vodka-maker-stoli-files-for-bankruptcy-in-us-after-ransomware-attack/

  • Stoli Group USA, the U.S. subsidiary of the renowned vodka producer, has filed for Chapter 11 bankruptcy protection.
  • The company attributes its financial challenges to a ransomware attack in August 2024, which disrupted critical IT systems, including the enterprise resource planning (ERP) platform, and forced manual operations across the organization.
  • This cyberattack, coupled with a legal dispute over the Stolichnaya brand and financial difficulties, has led to liabilities ranging from $50 to $100 million.
  • Stoli Group USA plans to restructure its finances during the bankruptcy process, aiming to continue operations and protect employee jobs.

Police Seize Matrix Encrypted Chat Service After Spying on Criminals

Article Link: https://www.bleepingcomputer.com/news/security/police-seize-matrix-encrypted-chat-service-after-spying-on-criminals/

  • Law enforcement authorities across Europe have dismantled MATRIX, an encrypted messaging platform exploited by criminals for illicit activities.
  • The investigation began after discovering the service on a suspect’s phone linked to the 2021 attack on journalist Peter R. de Vries. Over three months, law enforcement intercepted and decoded 2.3 million messages in 33 languages, uncovering extensive criminal operations.
  • This takedown disrupted networks used in drug and arms trafficking, leading to arrests in France and Spain, and additional investigations in Lithuania. The intercepted communications are expected to aid ongoing and future investigations in Europe as well.
  • Authorities stress the monitoring of encrypted platforms as a security measure for combating organized crime.

Decade-Old Cisco Vulnerability Under Active Exploit

Article Link: https://www.darkreading.com/vulnerabilities-threats/decade-old-cisco-vulnerability-exploit

  • A decade-old vulnerability in Cisco’s Adaptive Security Appliance (ASA) software, identified as CVE-2014-2120, is being actively exploited by cybercriminals.
  • The flaw allows attackers to perform cross-site scripting (XSS) attacks through the WebVPN login page by tricking users into clicking malicious links.
  • Despite being identified in 2014, many systems remain unpatched, leaving organizations vulnerable to data breaches and unauthorized access.
  • Cisco advises users to upgrade to the latest ASA software version, as no workarounds are available for this vulnerability.
  • Link to Additional Vulnerability Information: https://nvd.nist.gov/vuln/detail/CVE-2014-2120

Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

Article Link: https://thehackernews.com/2024/12/veeam-issues-patch-for-critical-rce.html

  • Veeam has issued patches for critical vulnerabilities in its Backup & Replication software, including CVE-2024-40711, a remote code execution flaw rated 9.8 on the CVSS scale.
  • The vulnerability allows unauthenticated attackers to execute arbitrary code, posing a major threat to enterprise systems if left unpatched.
  • Exploiting this flaw could lead to severe data breaches or system compromises, affecting organizations relying on Veeam for critical backup operations.
  • Users are urged to update to version 12.2.0.334 or 12.3 (released December 3) immediately to eliminate the risk and protect against potential exploitation.
  • Link to Veeam’s Support Knowledge Base: https://www.veeam.com/kb2680
  • Link to Veeam’s Release Notes: https://helpcenter.veeam.com/rn/veeam_backup_12_3_release_notes.html
  • Link to Additional Vulnerability Information: https://nvd.nist.gov/vuln/detail/CVE-2024-40711

Cyber-Unsafe Employees Increasingly Put Orgs at Risk

Article Link: https://www.darkreading.com/vulnerabilities-threats/cyber-unsafe-employees-orgs-risk

  • CyberArk researchers surveyed over 14,000 employees across various industries. The results reveal that many workers engage in risky behaviors, such as accessing workplace applications from personal devices lacking proper security measures.
  • The study found that 80% of employees use insecure personal devices for work applications, 49% reuse passwords across multiple platforms, and 65% bypass security policies for convenience.
  • These practices increase the likelihood of data breaches and leaks, especially with the growing use of artificial intelligence tools in the workplace.
  • Organizations should adopt comprehensive security training, enforce strict access controls, and promote a culture of security awareness to mitigate these issues.
  • Link to CyberArk’s Survey: https://www.cyberark.com/press/new-research-from-cyberark-reveals-security-risks-introduced-by-everyday-employee-behaviors/
  • Link to FBI PSA on AI Usage: https://www.ic3.gov/PSA/2024/PSA241203?&web_view=true

Employee Sues Apple Over ‘Spying’ Claims Tied to Mandatory Devices

Article Link: https://www.theregister.com/2024/12/02/employee_sues_apple_spying/

  • Apple employee Amar Bhakta has filed a lawsuit against Apple, alleging that its policies infringe on employee privacy and suppress free speech.
  • The suit claims Apple mandates the use of company-managed devices and software, enabling access to personal data such as emails, photos, and location information, even outside of work hours.
  • Additionally, it alleges that Apple’s confidentiality agreements unlawfully restrict employees from discussing wages and working conditions.
  • If proven, these practices could violate California labor law, raising concerns about employee rights and privacy within major tech firms.
  • The lawsuit seeks to compel Apple to revise its surveillance and confidentiality policies to better protect employee privacy and freedom of speech.

Two Data Brokers Banned from Selling ‘Sensitive’ Location Data by the FTC

Article Link: https://www.theverge.com/2024/12/3/24312313/ftc-bans-sensitive-location-data-brokers-gravy-analytics-venntel-mobilewalla

  • The Federal Trade Commission (FTC) has banned data brokers Gravy Analytics and its subsidiary Venntel from selling sensitive location data, including information on visits to medical facilities, places of worship, and military installations.
  • These companies collected location data from smartphones through ordinary apps and the advertising ecosystem, then sold this information to other businesses and government agencies without proper consent.
  • The FTC explains that its intent is to protect our privacy and to lay down a regulatory marker for dealings in data that otherwise might not be covered by any legislation or established legal principles.
  • This action addresses concerns about privacy violations and unauthorized surveillance, as such data can reveal intimate details about individuals’ lives, potentially leading to misuse.

‘A Total Meltdown’: Black Friday Zipcar Outage Strands Customers in Random Places

Article Link: https://www.404media.co/a-total-meltdown-black-friday-zipcar-outage-strands-customers-in-random-places/

  • On Black Friday, Zipcar’s app had a meltdown, leaving customers stranded and cars locked, proving that even technology can take a holiday break.
  • The app failure brought the rental process to a screeching halt, showing what happens when you put all your keys in one digital cloud basket.
  • Stranded users faced chaos and safety concerns, learning the hard way that relying solely on apps can leave you locked out—literally.


