Tuesday, May 21, 2024
HomeNewsTODAY, ON THE BENCH - 14 February 2024

TODAY, ON THE BENCH – 14 February 2024

Microsoft has addressed a total of 73 security flaws, including two zero-day vulnerabilities, through the release of new security patches. Among these vulnerabilities, one identified as CVE-2024-21351, with a CVSS score of 7.6, allows malicious actors to inject code into SmartScreen, potentially leading to code execution and consequent data exposure or system unavailability.

The severity of five of these flaws has been classified as “critical” by Microsoft. These critical vulnerabilities include CVE-2024-20684 (CVSS score: 6.5) – Windows Hyper-V Denial of Service Vulnerability, CVE-2024-21357 (CVSS score: 7.5) – Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability, CVE-2024-21380 (CVSS score: 8.0) – Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability, CVE-2024-21410, CVE-2024-21413 (CVSS score: 9.8) – Microsoft Outlook Remote Code Execution Vulnerability.

Waldemar S. Nelson, an oil and gas company with a revenue of $76.1 million and over 500 employees, specializing in various areas including Oil & Gas Production, Compressor Stations, Pipelines & Metering Stations, Power Plants & Distribution, Cogeneration, Refinery/Petrochemical Plants, Mining & Minerals Processing, Ports & Marine Terminals, Materials Handling & Storage, and Drainage & Pumping Stations, has fallen victim to a ransomware attack by the Lockbit3.0 ransomware group.

Water Hydra, also known as DarkCasino, a notorious threat actor, is targeting traders with Darkme Malware using a zero-day vulnerability in Microsoft SmartScreen. According to cybersecurity experts, in this attack, the threat actor utilized CVE-2024-21412 to bypass Microsoft Defender SmartScreen and infect victims with DarkMe malware. Fortunately, Microsoft has addressed this vulnerability through a security patch.

The Abyss ransomware group has launched an attack on Van Wingerden Greenhouses, a greenhouse business with over 50 employees and $5 million in revenue. The Bumblebee malware has resurfaced, now employing new tactics to target U.S. businesses. According to reports, the threat actor sends voicemail-themed lures containing links to OneDrive URLs. These URLs lead to Word files with names like “ReleaseEvans#96.docm,” utilizing VBA macros to execute PowerShell commands that download and run another PowerShell script from a remote server, ultimately deploying the Bumblebee loader.

The Qilin ransomware group has targeted Roosens, a construction company with over 50 employees and revenue of $5 million. Roosens specializes in producing 500,000 tons of concrete annually and offers various products ranging from foundations to finishes.

Cybersecurity researchers have warned about the potential exploitation of the command-not-found utility to recommend rogue packages and compromise systems running the Ubuntu operating system. The ‘command-not-found’ prompt, while helpful for suggesting installations for uninstalled commands, can be manipulated by attackers through the snap repository, leading to deceptive recommendations of malicious packages.

ATB SA Ingénieurs-conseils SIA has become a victim of the 8base ransomware. The civil engineering company, specializing in various areas including Roads and Traffic, Hydraulics, Structures and Works, Landfills and Quarries, Underground Works, Urban Planning, Geographic Information Systems (SIT), and Railway Works, has a revenue of $65.8 million and over 200 employees.

The Fulton County Government is under siege by the Lockbit3.0 ransomware group. This government body, with a revenue of $897.4 million and over 10,000 employees, is dedicated to delivering efficient, high-impact services to every resident and visitor of Fulton County.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular