Cyber Briefing - 2023.12.12

👉 What's the latest in the cyber world today? 

Counter Strike, Apple Flaws, DLang Malware, Lazarus Group, WordPress Plugin Vulnerability, Bluetooth Trackers, UAE TV Hacked, Americold Logistics, LLC. Data Breach, Heart of Texas Behavioral Health Network, Insomniac Games, Peruvian Police Hacked, LockBit, Surveillance Reauthorization, Human Trafficking, Websites Security, Crypto Money Returned, Log4Shell Threat.

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.



🚨 Cyber Alerts


1. Counter Strike 2 Exploit Exposes IPs

Valve, the developer of Counter Strike 2, is expected to address a recently uncovered cross-site scripting (XSS) vulnerability in the game that allows players to exploit HTML code blocks to display potentially harmful GIFs and reveal IP addresses. Gamers are advised to exercise caution, avoid CS2 gameplay until the exploit is patched, and be vigilant against in-game usernames resembling HTML blocks to protect their security.


2. Apple Patches Critical Security Flaws

Apple issued security updates across its ecosystem, patching critical vulnerabilities in iOS, iPadOS, macOS, tvOS, watchOS, and Safari. The patches address multiple flaws, including two zero-days, with significant fixes for issues like CVE-2023-45866, allowing an attacker to inject keystrokes by spoofing a keyboard, and updates introducing security enhancements like Contact Key Verification in iOS 17.2 and iPadOS 17.2 to ensure privacy in iMessage conversations.


3. Lazarus Group Deploys DLang Malware

The Lazarus Group, a cybercrime organization linked to North Korea, has been found using novel malware strains written in the DLang programming language, a memory-safe language. The attacks, part of "Operation Blacksmith," targeted organizations globally, with at least three DLang-based malware strains identified, showcasing a shift towards newer languages in cybercriminal activities.


4. WordPress Plugin Flaw Demands Urgent Update

A severe vulnerability in the Backup Migration WordPress plugin, installed on over 90,000 websites, poses a significant threat by allowing attackers to achieve remote code execution and fully compromise vulnerable sites. The flaw, designated as CVE-2023-6553 with a severity score of 9.8/10, was uncovered by bug hunters from Nex Team and reported to Wordfence, a WordPress security firm. Despite the rapid release of a patch by the plugin's developers, nearly 50,000 sites remain vulnerable, underscoring the urgency for administrators to secure their websites against potential exploitation.


5. Europol on Alert Due to Bluetooth Trackers

Europol has raised an alert on the criminal misuse of Bluetooth trackers, highlighting their exploitation by organized crime groups in tracking illegal commodities, particularly in cocaine smuggling. Criminals use these devices to monitor the movement of illicit cargo after it arrives in ports, assisting in the trafficking process and prompting Europol to issue an early warning to EU Member States about the misuse of Bluetooth tracker technology by organized crime.



💥 Cyber Incidents


6. UAE TV Hacked, Altered Footage Broadcast

Hackers targeted a United Arab Emirates TV service, replacing broadcasts with graphic footage from the Israel-Hamas war. The fake news segment, showing alleged Israeli military atrocities, interrupted European live channels, and the incident is under investigation by the affected local set-top box provider.


7. Americold Faces Major Data Breach

Americold, a global cold storage and logistics giant, has acknowledged a significant data breach affecting over 129,000 employees and their dependents. The breach, which occurred in April and was later claimed by the Cactus ransomware group, led to an IT network shutdown and operational outage at Americold's temperature-controlled warehouses worldwide. Personal information, including names, addresses, Social Security numbers, financial account details, and health insurance information, was compromised, prompting concerns about potential identity theft and cyber threats for the affected individuals.


8. Heart of Texas Healthcare Data Breach

The Heart of Texas Behavioral Health Network is notifying patients about a data breach that occurred on Oct. 22, exposing sensitive information like names, birth dates, medical record numbers, and health insurance details. While the nonprofit assures that the network is now secure and there's no evidence of misuse, it is offering affected individuals identity theft protection services. The agency has enlisted a third-party forensic incident response firm to investigate and secure its network after the unauthorized access incident.


9. Insomniac Games Faces Ransomware Threat

Ransomware group Rhysida claims to have successfully hacked renowned video game developer Insomniac Games, posting limited data as proof. The leaked information includes an annotated screenshot from the upcoming Marvel’s Wolverine game, along with character art suggesting other Marvel characters' involvement. The gang has initiated an auction for the complete data set, setting a starting price of 50 bitcoins (over US$2 million), while warning Insomniac Games of a seven-day deadline before the full data release, which includes passport scans, internal emails, and confidential documents.


10. LockBit Breaches Peruvian National Police

The LockBit Group has declared responsibility for infiltrating the National Police Force of Peru, La Policia Nacional de Peru, thrusting the nation into a precarious state of cyber vulnerability. The cryptic January 30, 2025 deadline set by the hackers adds an enigmatic layer to the breach, raising suspicions and leaving the motives behind the attack unclear. With an official response still pending, the extent of the data breach, the compromised information, and LockBit's true intentions remain veiled in uncertainty, amplifying concerns about the nation's cybersecurity.



📢 Cyber News


11. US Plans Business Surveillance

Two reform bills in the US Congress, HR 6570 and HR 6611, address the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA). While HR 6570 focuses on reauthorization with strong civil liberties and privacy provisions, HR 6611, known as the FISA Reform and Reauthorization Act of 2023 (FRRA), raises concerns about expanding the definition of electronic communication service providers, potentially enlisting various businesses in government-directed surveillance.


12. Cyber Fraud Human Traffickers Arrested

Interpol's Operation Storm Makers II, involving law enforcement from 27 countries across Asia, Africa, the Middle East, and South America, led to the arrest of 281 individuals involved in human trafficking, passport forgery, corruption, telecoms fraud, and sexual exploitation. The operation identified 149 human trafficking victims, opened 360 new investigations, and highlighted the global expansion of the modus operandi as victims are increasingly lured from various continents into large-scale digital fraud schemes.


13. Weak Password Policies Revealed

A study by researchers at the Georgia Institute of Technology reveals that many popular websites still maintain weak password creation policies. Findings indicate that 75% of websites allow passwords shorter than the recommended 8 characters, with 12% permitting single-character passwords, and various sites accepting easily guessable passwords like "123456," highlighting a widespread lack of adherence to modern security practices.


14. UK Police Return £8M in Stolen Bitcoin

UK police in Lancashire returned around £8 million in bitcoin stolen in a £20 million hack orchestrated by James Parker. The plot involved exploiting a glitch in the Australian crypto trading website CoinSpot, with surviving conspirators sentenced to over 15 years; Parker, the alleged mastermind, died in 2021.


15. Log4Shell Threat in Open Source

Two years post-disclosure, around 25% of applications still have the Log4Shell vulnerability due to outdated libraries, according to Veracode research. Despite significant remediation efforts, the study highlights the ongoing challenge of maintaining open source software security, with some developers reverting to leaving libraries untouched, exposing applications to potential exploits.


Copyright © 2023 CyberMaterial. All Rights Reserved.
