Today’s Cybersecurity Threats and Trends - 08/30/2024

He who should not be named and Nefarious NPM packages.


Before we dive in, I would like to thank all of you for getting us to 100 subscribers! I am truly honored that you would even read my little publication! Let’s set our sights on 1000!

Also, if you haven’t already, sign up for our giveaway! It is a little token of our appreciation! Please share it with family and friends!

Finally, I would like to thank Mood Gummies for sponsoring today's newsletter!

Please check them out!


1. GlobalProtect Used to Penetrate Enterprises

Primary Threat: Cybercriminals are deploying a fake version of Palo Alto's GlobalProtect VPN software to backdoor enterprises, as Trend Micro researchers discovered. This sophisticated phishing scheme leverages a counterfeit version of legitimate software to gain unauthorized access to corporate networks, bypassing traditional security defenses. The malicious software is meticulously crafted to mimic the real GlobalProtect VPN, making it challenging for users to distinguish between the legitimate and the fraudulent versions.

  • MITRE Tactics: Initial Access, Persistence

  • Risk: High – The potential for unauthorized access to enterprise networks poses significant risks, including data breaches and lateral movement within compromised systems.

2. Camu Blasts Billions of Bid Requests

Primary Threat: The Brazilian ad fraud network dubbed 'Camu' has been uncovered, generating an astonishing 2 billion daily bid requests. Researchers at HUMAN Security have tracked this activity, revealing a sophisticated scheme exploiting digital advertising on piracy websites. This fraud operation manipulates ad ecosystems, draining budgets and impacting advertisers' return on investment by faking user interactions and ad impressions.

  • MITRE Tactics: Impact

  • Risk: Medium – While primarily financially motivated, the massive scale of this operation can disrupt digital ad markets and lead to significant monetary losses.


3. Cameras Compromised in CCTV Zero-Day

Primary Threat: A newly discovered zero-day vulnerability in certain CCTV devices, identified as CVE-2024-7029, is being actively exploited by the Mirai botnet in a campaign uncovered by Akamai researchers. This flaw allows attackers to remotely compromise affected CCTV systems, integrating them into the botnet to launch distributed denial-of-service (DDoS) attacks or conduct other malicious activities.

  • MITRE Tactics: Initial Access, Command and Control

  • Risk: High – Compromised CCTV systems can be weaponized for DDoS attacks, threatening critical infrastructure and services.

4. Nefarious North Korean Groups Target NPM

Primary Threat: North Korean state-sponsored hackers are continuing their campaign against software developers by injecting malicious code into popular NPM packages, according to Phylum researchers. These packages, once installed, can exfiltrate sensitive information from the developers' environments or deliver additional payloads. This attack vector highlights the need for developers to scrutinize third-party libraries and dependencies.

  • MITRE Tactics: Execution, Persistence, Collection, Exfiltration

  • Risk: High – Malicious NPM packages can compromise development environments, leading to intellectual property theft and supply chain attacks.
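One way to act on the advice to scrutinize dependencies is to review the lockfile before anything is installed. The following is an added example, not code from this newsletter or from Phylum; it assumes a package-lock.json with lockfileVersion 2 or 3, treats install scripts, non-registry sources and missing integrity hashes as review signals (an assumption, not a finding from the report), and uses constructed package names.

```javascript
// Added example: flag package-lock.json entries that deserve a manual look.
const DEFAULT_REGISTRY = "https://registry.npmjs.org/";

function auditLockfile(lock, registry = DEFAULT_REGISTRY) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    // Skip the root project, workspace links and bundled deps (no own tarball).
    if (path === "" || entry.link || entry.inBundle) continue;
    const reasons = [];
    // npm sets hasInstallScript when the package declares install-time scripts.
    if (entry.hasInstallScript) reasons.push("runs install script");
    if (!entry.resolved) reasons.push("no resolved URL");
    else if (!entry.resolved.startsWith(registry)) reasons.push("resolved outside registry");
    if (!entry.integrity) reasons.push("missing integrity hash");
    if (reasons.length > 0) {
      // "node_modules/a/node_modules/@s/b" -> "@s/b"
      const name = path.split("node_modules/").pop();
      findings.push({ name, version: entry.version, reasons });
    }
  }
  return findings;
}

// Constructed sample lockfile; every name, URL and hash below is made up.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/plain-lib-example": {
      version: "1.3.0",
      resolved: "https://registry.npmjs.org/plain-lib-example/-/plain-lib-example-1.3.0.tgz",
      integrity: "sha512-CONSTRUCTED-PLACEHOLDER",
    },
    "node_modules/native-helper-example": {
      version: "2.0.1",
      resolved: "https://registry.npmjs.org/native-helper-example/-/native-helper-example-2.0.1.tgz",
      integrity: "sha512-CONSTRUCTED-PLACEHOLDER",
      hasInstallScript: true,
    },
    "node_modules/@scope-example/git-dep-example": {
      version: "0.0.1",
      resolved: "git+ssh://git@example.invalid/org/repo.git#0000000",
    },
  },
};

for (const f of auditLockfile(sampleLock)) {
  console.log(`${f.name}@${f.version}: ${f.reasons.join(", ")}`);
}
```

A flagged entry is a prompt for review, not proof of compromise; many legitimate packages with native components run install scripts.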

5. Voldemort Violates Google Sheets

Primary Threat: A sophisticated espionage campaign leveraging Google Sheets to distribute malware has been detected by Proofpoint researchers. This attack, dubbed “Voldemort,” uses seemingly innocuous Google Sheets files as a delivery mechanism for malware, which can then establish persistent access to compromised systems and exfiltrate sensitive information.

  • MITRE Tactics: Execution, Persistence, Exfiltration

  • Risk: High – The abuse of trusted platforms like Google Sheets complicates detection and can lead to widespread data breaches.

IN SUMMARY:

Today’s cybersecurity landscape is as treacherous as ever. From fake VPNs giving criminals a key to your network to ad fraud networks bleeding budgets dry, the threats are constantly evolving.

Mirai botnets are targeting CCTV vulnerabilities, turning your security cameras into agents of chaos. Meanwhile, North Korean hackers are sneaking malicious code into NPM packages, and attackers are using Google Sheets as a cover for espionage.

Remember, in cybersecurity, vigilance is your best defense. Always patch, scrutinize third-party software, and think twice before clicking—because in this game, complacency is the real enemy.

Stay sharp, stay secure, and never let your guard down!

J.W.

(P.S. Check out our partners! It goes a long way to support this newsletter!)