BREAKING AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

In Other News: Malware Delivered by ISP, Temu Spying, Critical Dataverse Vulnerability

Noteworthy stories that might have slipped under the radar: Korean ISP delivers malware to customers, Temu sued for allegedly spying on users, Microsoft patches a critical Dataverse vulnerability.

Cybersecurity News tidbits

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories: 

Microsoft patches critical Dataverse vulnerability

Microsoft has informed customers that a critical remote code execution vulnerability has been patched in its Dataverse product, which is designed for securely storing and managing data used by business applications. The vulnerability has been assigned CVE-2024-35260, even though users don’t need to take any action. Microsoft took the opportunity to unveil cloud service CVEs for greater transparency.  

Levi Strauss credential stuffing attack

Clothing company Levi Strauss is informing 72,000 customers that their passwords have been reset after it detected a credential stuffing attack on their account. Attackers may have obtained information such as name, address, email address, order history, and possibly partial payment card information. 

Advertisement. Scroll to continue reading.

Ventura County Credit Union (VCCU) data breach stemming from email hack

An email account hack has led to a data breach at Ventura County Credit Union (VCCU). The incident occurred in late January and the hacked email account stored personal information such as name, Social Security number, and financial account information. The incident impacts nearly 45,000 individuals. In 2022, the same credit union suffered a data breach impacting 82,000 customers and employees. 

South Korean ISP delivered malware to 600,000 users

South Korean ISP KT has been accused of delivering malware to 600,000 customers in an attempt to interfere with BitTorrent traffic. The company was likely trying to ease the burden placed by torrent traffic on its network and save costs. 

Ollama AI solution affected by remote code execution vulnerability

Ollama, a popular open source project for running AI models, is affected by a remote code execution vulnerability. The flaw is tracked as CVE-2024-37032 and dubbed Probllama. The project’s developers have taken steps to address the issue, but there have been many vulnerable instances exposed to the internet. 

Health sector warned of social engineering and phishing attacks

The FBI, CISA and the HHS have issued a joint security advisory to warn healthcare and public health organizations about attacks involving social engineering and phishing. The social engineering tactics involved calls to the targeted organization’s IT help desk, with the attacker posing as an employee. The goal is to gain access to online accounts and divert ACH payments to bank accounts controlled by the cybercriminals. 

New Snowblind Android malware

Promon has conducted an analysis of a new Android banking trojan named Snowblind.  Snowblind uses a novel technique to attack Android apps based on a Linux kernel feature. This appears to be the first malware using this attack vector. 

Chinese shopping app Temu allegedly used for spying

The company behind the Chinese shopping app Temu has been sued by the Arkansas Attorney General. The lawsuit, which describes the application as ‘dangerous malware’, claims Temu can collect a lot of data from the devices it’s installed on, and points to the risks of providing information to a Chinese company. In response, Temu denied the accusations and said the lawsuit is based on inaccurate information. The company will defend itself against the claims.

Sensor Net Connect and Thermoscan IP vulnerabilities

Nozomi Networks Labs raises the alarm on seven vulnerabilities in the healthcare industry-tailored Sensor Net Connect device and the accompanying Thermoscan IP desktop application that could be exploited to manipulate system settings, install malware, exfiltrate and manipulate sensitive data, and disrupt healthcare services. The vendor has been notified, but it does not appear to have released any patches.

Apple patches AirPods Bluetooth vulnerability

Apple has released AirPods firmware updates to resolve a Bluetooth vulnerability (CVE-2024-27867) that could allow attackers to spoof devices and gain access to a user’s headphones when the headphones are seeking to connect to a previously paired device.

Google updates Chrome Root Store policies

Google on Thursday announced changes to its Chrome Root Store policies that will translate into Chrome 127 not trusting TLS server authentication certificates validating to specific Entrust roots with an earliest Signed Certificate Timestamp (SCT) dated after October 31, 2024. Recent patterns of concerning behavior have eroded confidence in Entrust, Google says

Related: In Other News: Fuxnet ICS Malware, Google User Tracking, CISA Employee Scams 

Related: In Other News: Microsoft Email Spoofing, Snowflake Hack Ransoms, LogoFail Follow-Up

Written By

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

ICS and OT cybersecurity solutions provider TXOne Networks appoints Stephen Driggers as new CRO

Identity orchestration provider Strata Identity appoints Aldo Pietropaolo as Field CTO

Cybersecurity provider for the aviation industry Cyviation has appointed Eliran Almog as Chief Executive Officer.

More People On The Move

Expert Insights