News Roundup — August 15th 2024 edition.

Published in

BCK Security Weekly Newsletter

3 min readAug 15, 2024

This week in cybersecurity, Microsoft patched a critical zero-click Windows TCP/IP RCE vulnerability affecting all IPv6-enabled systems. The Chinese APT group Eastwind was linked to a cyber espionage campaign, and NIST launched encryption tools to resist quantum computing. AutoCanada faced a cyberattack on its IT systems, and a cybercriminal leader tied to JP Morgan was arrested for pioneering ransomware-as-a-service.

Hackers leaked 1.4 billion Tencent accounts, and DARPA is shifting from C to Rust for secure coding. The UN approved a controversial cybercrime treaty, and Microsoft reported Iranian interference in U.S. elections. The U.S. dismantled a North Korean laptop farm, and CISA warned about an actively exploited Apache OFBiz flaw. Finally, a cybercrime rapper sued a bank over a fraud investigation.

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an…

www.bleepingcomputer.com

'EastWind' Cyber Spy Campaign Combines Various Chinese APT Tools

The likely China-linked campaign is deploying CloudSorcerer and other proprietary binaries belonging to known…

www.darkreading.com

NIST releases first encryption tools to resist quantum computing

The U.S. National Institute of Standards and Technology (NIST) has released the first three encryption standards…

www.bleepingcomputer.com

AutoCanada discloses cyberattack impacting internal IT systems

Hackers targeted AutoCanada in a cyberattack last Sunday that impacted the automobile dealership group's internal IT…

www.bleepingcomputer.com

Cybercriminal Leader 'J.P.Morgan' Busted For Pioneering RaaS Model

Maksim Silnikau and his associates are accused of developing and distributing notorious ransomware strains such as…

www.darkreading.com

Cybercriminal Duo Attracts FBI Notice by Spending Big & Living Large

Cash may be king, but law enforcement keeps track of who spends it, especially when it's in the six-figure range.

www.darkreading.com

Self-driving Waymo cars keep SF residents awake all night by honking at each other

Haunted by glitching algorithms, self-driving cars disturb the peace in San Francisco.

arstechnica.com

Microsoft Azure AI Health Bot Infected With Critical Vulnerabilities

Privilege escalation flaws in the healthcare chatbot platform could have allowed unauthorized cross-tenant access and…

www.darkreading.com

Hackers Leak 1.4 Billion Tencent User Accounts Online

Massive data leak exposes 1.4 billion Tencent user accounts. Leaked data includes emails, phone numbers, and QQ IDs…

hackread.com

DARPA Aims to Ditch C Code, Move to Rust

The Defense Advanced Research Projects Agency launches TRACTOR program to work with university and industry researchers…

www.darkreading.com

CrowdStrike Tries to Patch Things Up With Cybersecurity Industry

CrowdStrike's president and CEO were both at Black Hat and DEF CON to face direct questions from customers and…

www.darkreading.com

UN Approves Cybercrime Treaty Despite Major Tech, Privacy Concerns

The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data…

www.darkreading.com

White House to study open source software in critical infrastructure

The Biden administration is looking to understand just how widespread open-source software is in critical…

cyberscoop.com

Easterly: Cybersecurity is a software quality problem

The head of the Cybersecurity and Infrastructure Security Agency wants to see major changes in how companies develop…

cyberscoop.com

Security company ADT announces security breach of customer data | Malwarebytes

Home surveillance provider ADT just announced they suffered a data breach and cybercriminals are already leaking the…

www.malwarebytes.com

512-bit RSA key in home energy system gives control of "virtual power plant"

It took $70 and 24 hours for Ryan Castellucci to gain access to 200 MW of capacity.

arstechnica.com

Healthcare Providers Must Plan for Ransomware Attacks on Third-Party Suppliers

The American Hospital Association and Health-ISAC issued a joint threat bulletin warning healthcare IT providers that…

www.darkreading.com

Microsoft: Iran makes late play to meddle in U.S. elections

The effort from four separate groups includes both hacking attempts and fake news campaigns, according to the company.

cyberscoop.com

US dismantles laptop farm used by undercover North Korean IT workers

The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work…

www.bleepingcomputer.com

CISA warns about actively exploited Apache OFBiz RCE flaw

The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks…

www.bleepingcomputer.com

Hazy Issue in Entra ID Allows Privileged Users to Become Global Admins

Invisible authentication mechanisms in Microsoft allow any attacker to escalate from privileged to super-duper…

www.darkreading.com

Cybercrime Rapper Sues Bank over Fraud Investigation

In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime…

krebsonsecurity.com

News Roundup — August 15th 2024 edition.

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an…

'EastWind' Cyber Spy Campaign Combines Various Chinese APT Tools

The likely China-linked campaign is deploying CloudSorcerer and other proprietary binaries belonging to known…

NIST releases first encryption tools to resist quantum computing

The U.S. National Institute of Standards and Technology (NIST) has released the first three encryption standards…

AutoCanada discloses cyberattack impacting internal IT systems

Hackers targeted AutoCanada in a cyberattack last Sunday that impacted the automobile dealership group's internal IT…

Cybercriminal Leader 'J.P.Morgan' Busted For Pioneering RaaS Model

Maksim Silnikau and his associates are accused of developing and distributing notorious ransomware strains such as…

Cybercriminal Duo Attracts FBI Notice by Spending Big & Living Large

Cash may be king, but law enforcement keeps track of who spends it, especially when it's in the six-figure range.

Self-driving Waymo cars keep SF residents awake all night by honking at each other

Haunted by glitching algorithms, self-driving cars disturb the peace in San Francisco.

Microsoft Azure AI Health Bot Infected With Critical Vulnerabilities

Privilege escalation flaws in the healthcare chatbot platform could have allowed unauthorized cross-tenant access and…

Hackers Leak 1.4 Billion Tencent User Accounts Online

Massive data leak exposes 1.4 billion Tencent user accounts. Leaked data includes emails, phone numbers, and QQ IDs…

DARPA Aims to Ditch C Code, Move to Rust

The Defense Advanced Research Projects Agency launches TRACTOR program to work with university and industry researchers…

CrowdStrike Tries to Patch Things Up With Cybersecurity Industry

CrowdStrike's president and CEO were both at Black Hat and DEF CON to face direct questions from customers and…

UN Approves Cybercrime Treaty Despite Major Tech, Privacy Concerns

The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data…

White House to study open source software in critical infrastructure

The Biden administration is looking to understand just how widespread open-source software is in critical…

Easterly: Cybersecurity is a software quality problem

The head of the Cybersecurity and Infrastructure Security Agency wants to see major changes in how companies develop…

Security company ADT announces security breach of customer data | Malwarebytes

Home surveillance provider ADT just announced they suffered a data breach and cybercriminals are already leaking the…

512-bit RSA key in home energy system gives control of "virtual power plant"

It took $70 and 24 hours for Ryan Castellucci to gain access to 200 MW of capacity.

Healthcare Providers Must Plan for Ransomware Attacks on Third-Party Suppliers

The American Hospital Association and Health-ISAC issued a joint threat bulletin warning healthcare IT providers that…

Microsoft: Iran makes late play to meddle in U.S. elections

The effort from four separate groups includes both hacking attempts and fake news campaigns, according to the company.

US dismantles laptop farm used by undercover North Korean IT workers

​​The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work…

CISA warns about actively exploited Apache OFBiz RCE flaw

The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks…

Hazy Issue in Entra ID Allows Privileged Users to Become Global Admins

Invisible authentication mechanisms in Microsoft allow any attacker to escalate from privileged to super-duper…

Cybercrime Rapper Sues Bank over Fraud Investigation

In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime…

Written by BCK Security Inc

The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work…