The cybersecurity report has highlighted two highly critical zero-day vulnerabilities in Cisco networking gear. Threat actors have exploited these vulnerabilities to deliver custom malware and facilitate data exfiltration in a new and sophisticated malware campaign. These vulnerabilities are listed below:
CVE-2024-20353, with a CVSS score of 8.6, is a Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial-of-Service Vulnerability. CVE-2024-20359, with a CVSS score of 6.0, is a Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability.
According to a statement by Talos, “UAT4356 deployed two backdoors as components of this campaign, ‘Line Runner’ and ‘Line Dancer,’ which were used collectively to conduct malicious actions on-target, which included configuration modification, reconnaissance, network traffic capture/exfiltration and potentially lateral movement.” It is worth noting that Cisco Talos, which dubbed the activity ArcaneDoor, linked it to UAT4356 (tracked by Microsoft as Storm-1849), a state-sponsored actor.
Google Third-Party Cookie Deprecation Faces Delay Due to U.K. Regulatory Scrutiny
Google has announced another delay in its plans to deprecate third-party tracking cookies in its Chrome web browser while it works to address competition concerns from U.K. regulators over its Privacy Sandbox initiative. Alongside the decision to postpone the phase-out of third-party cookies, the tech giant said it is working closely with the U.K. Competition and Markets Authority (CMA) to reach an agreement by the end of 2024.
Founder of Crypto Mixer Samourai in Department of Justice Custody Over $2 Billion Illegal Transactions Allegation
The department’s announcement confirmed the arrest of the two co-founders of Samourai and the confiscation of facilities over the laundering of over $100 million and $2 billion in illegal transactions. The Department of Justice (DoJ) claimed that Rodriguez, the company’s CEO, and Hill, its CTO, had intentionally designed Samourai to assist cybercriminals in engaging in large-scale money laundering and sanctions evasion. Further reports about the situation showed that both Rodriguez and Hill might face a maximum prison sentence of 25 years. Law enforcement agencies from Iceland, Portugal, and Europol also participated in the operation, which led to the confiscation of digital infrastructure and Android apps owned by Samourai.
Apt73 has launched a ransomware attack against Trifecta Technologies. Trifecta Technologies specializes in Salesforce consulting, implementation, managed services, custom Salesforce solutions, and B2B commerce. The company has over 200 employees and a revenue of $22.7 million.
The Quilong ransomware group attacked a Brazilian company called Hominem Clinic. The company specializes in Men’s Health, Male Health, Male Treatment, Intimate Health, Body Treatment, Premature Ejaculation, Male Libido, Lack of Libido, Hormonal Treatment, Erectile Dysfunction, Sexual Dysfunction, Andropause, Male Andropause, Quality of Life, Health and Well-being, Body Health, Sexual Relationship, Sexual Libido, Hominem Campinas, and Hominem Clinic. Hominem has over ten employees and a revenue of