Cybersecurity Digest for 24 July 2024 Today we discuss the following items: Crowdstrike Stealer: Threat Actor Uses Fake Recovery Manual to Deliver Unidentified Stealer (crowdstrike.com) ESET’s EvilVideo Discovery Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android (welivesecurity.com) TrendMicro’s Playransomware Targeting ESXi: New Play Ransomware Linux Variant Targets ESXi Shows Ties With Prolific Puma | Trend Micro (US) Magneto Credit Card Theft Malware: Attackers Abuse Swap File to Steal Credit Cards (sucuri.net) Vulnerable Ad Injecting Driver: HotPage: Story of a signed, vulnerable, ad-injecting driver (welivesecurity.com) BreachForums DataLeak Exposes Members: BreachForums v1 hacking forum data leak exposes members’ info (bleepingcomputer.com) KnowBe4 North Korean Insider: How a North Korean Fake IT Worker Tried to Infiltrate Us (knowbe4.com) Vishing Attacks: Whose Voice Is It Anyway? AI-Powered Voice Spoofing for Next-Gen Vishing Attacks | Google Cloud Blog Huntress AsyncRAT Blog: Fake Browser Updates Lead to BOINC Volunteer Computing Software | Huntress CISA KEV Additions: NVD - CVE-2024-39891 (nist.gov) NVD - CVE-2012-4792 (nist.gov) Music in order that it appears licensed via Artlist.io : Lizard by Captain Qubz Feel The Air by Ikoliks

Cybersecurity Digest for 22 July 2024 Today we discuss the following items: Crowdstrike Issue: Falcon Content Update Remediation and Guidance Hub | CrowdStrike Helping our customers through the CrowdStrike outage - The Official Microsoft Blog New Recovery Tool to help with CrowdStrike issue impacting Windows endpoints - Microsoft Community Hub Threat Actors capitalizing on the CrowdStrike Incident: Falcon Sensor Issue Likely Used to Target CrowdStrike Customers Likely eCrime Actor Capitalizing on Falcon Sensor Issues | CrowdStrike Fake CrowdStrike fixes target companies with malware, data wipers (bleepingcomputer.com) GTA VI Fake Beta Pushing Malware Gamers Beware: There’s No Such Thing as ‘GTA VI Beta Version’ to Download from Sponsored Facebook Ads. It’s Malware! (bitdefender.com) MediSecure MediSecure cyber security incident (homeaffairs.gov.au) MediSecure – Media / Public Statement (wordpress.com) FractalID Data Breach Infostealer Infection Results in Data Breach of Blockchain Identity Platform, Fractal ID | InfoStealers Recorded Future Report: Security Challenges Rise as QR Code and AI-Generated Phishing Proliferate | Recorded Future