Today’s Cybersecurity Threats and Trends - 09/06/2024

LiteSpeed, Lowe's, and International Litigation.

Before we begin, I want to congratulate Michael C. for winning our giveaway! You will be receiving the $50 Amazon gift card in your email today!

1. Russian Raiders Rattle Infrastructure

Primary Threat: The U.S. and its allies have officially linked Russian military hackers, specifically the GRU's Unit 29155, to multiple cyberattacks targeting critical infrastructure. A new joint advisory from CISA warns organizations to be vigilant against these sophisticated threats, which include attacks on energy grids, water supplies, and other vital systems.

  • MITRE Tactics: Initial Access, Impact

  • Risk: High – These nation-state-backed attacks are designed to disrupt essential services and cause widespread damage to infrastructure.

2. LiteSpeed Lapse Leaves Sites Vulnerable

Primary Threat: A critical account takeover vulnerability has been patched in the LiteSpeed Cache plugin, which is used by over two million websites. Patchstack researchers discovered that the flaw could allow attackers to gain full administrative control over affected websites, potentially leading to the compromise of sensitive data.

  • MITRE Tactics: Privilege Escalation, Persistence

  • Risk: High – Given the widespread use of the plugin, websites without the patch remain vulnerable to complete takeover.

3. Veeam’s Vulnerability Fix

Primary Threat: Veeam has released updates to fix multiple critical vulnerabilities in its Backup & Replication software, which could allow remote attackers to execute arbitrary code. The Veeam bulletin highlights the importance of applying these patches immediately to prevent exploitation.

  • MITRE Tactics: Execution, Initial Access

  • Risk: High – Remote code execution vulnerabilities can lead to full system compromise, especially in environments where Veeam is used to manage backups and critical data.

4. Lowe’s Workers Lured by Malvertising

Primary Threat: Cybercriminals have launched a malvertising campaign targeting Lowe’s employees via Google Ads. Malwarebytes researchers report that these ads redirect victims to phishing sites designed to steal employee credentials, leading to potential access to sensitive corporate data and systems.

  • MITRE Tactics: Credential Access, Social Engineering

  • Risk: Medium – Phishing campaigns through malvertising pose significant risks, especially when targeting corporate employees with access to critical systems.

5. Tropic Trooper Targets Taiwan

Primary Threat: A Chinese-speaking hacker group, Tropic Trooper, has been observed targeting Malaysian and Taiwanese organizations, particularly in the public sector. Kaspersky research reveals that the group is using a new web shell infection to infiltrate systems, steal sensitive data, and maintain long-term access.

  • MITRE Tactics: Persistence, Collection

  • Risk: High – State-sponsored groups like Tropic Trooper continue to be a persistent threat, particularly to government and public sector entities.

IN SUMMARY:

Ah, when it comes to nation-state attacks, critical plugin vulnerabilities, and phishing campaigns… It’s just another day in the ever-exciting world of cybersecurity!

From Russian hackers trying to shut down your infrastructure to Chinese-speaking hackers quietly sneaking into your systems, it seems like everyone’s out to cause chaos.

Add in a malvertising campaign that uses Google Ads to phish Lowe’s employees and some critical updates for Veeam, and you’ve got a never-ending maelstrom of fun.

As always: stay sharp, patch up, and remember… if it’s on the internet, it’s probably under attack.

J.W.