Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week to cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
Apple has issued emergency updates to address two severe iOS zero-day vulnerabilities, identified as CVE-2024-23225 and CVE-2024-23296, which are being actively exploited to compromise iPhones at the kernel level.
These vulnerabilities, involving memory corruption within the iOS Kernel and the RTKit component, could lead to complete system compromise, including unauthorized access to location data, the device's camera and microphone, and messages. Security experts have emphasized the critical nature of these flaws, as they allow attackers to bypass Apple's stringent kernel memory protections, posing significant risks to user privacy and data security.
We urge all Apple users to update their devices to the following versions to ensure that they are protected against these zero-days: iOS 17.4, iPadOS 17.4, iOS 16.76, and iPad 16.7.6.
By darkreading.com
In an effort to combat the rising issue of account hijackings, United States officials have called on Meta to take stronger actions against unauthorized access to Facebook and Instagram accounts.
New York Attorney General, Letitia James, has been one of Meta’s primary critics, claiming that attackers are “winning the war and running rampant on Meta,”.
Many states have reported huge increases in complaints relating to social media account compromises, and Meta is being urged to “spend more money to prevent account takeovers, including through increased staffing, and to work more closely with people whose accounts are hacked.”.
By reuters.com
Hackers are exploiting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of a growing malware campaign. This activity, dubbed ‘Spinning YARN’, has been persistent since December 2023, and is focused on delivering a cryptocurrency miner and establishing a reverse shell for persistent remote access. The attackers exploit common misconfigurations and vulnerabilities to conduct Remote Code Execution (RCE) attacks and spread the malware to new hosts.
Security researchers have highlighted the need for administrators to properly configure and secure their servers against such attacks, which not only compromise the integrity of the affected systems but also use valuable resources for cryptocurrency mining.
By thehackernews.com
The U.S. Department of Justice has announced an indictment against Linwei (Leon) Ding, a former Google engineer, for allegedly stealing Google's AI technology secrets and transferring them to Chinese companies. Ding is accused of stealing over 500 files related to Google's supercomputing technologies used for AI, including details on GPU and TPU chips, software for chip communication, and the Cluster Management System. Arrested in California, Ding faces a maximum penalty of 10 years in prison and a $250,000 fine for each count of trade secret theft.
By bleepingcomputer.com
The NCSC have published their latest infographic, named ‘Connected Places’, which outlines their principles for building and designing ‘smart city’ infrastructure.
The NCSC have stated that “These principles will help ensure the security of your connected place and its underlying infrastructure, so that it is both resilient to cyber attack and easier to manage.”.
The infographic follows three primary guidelines, which are:
- Understanding your connected place
- Designing your connected place
- Managing your connected place
These principles are “ideal for leaders looking to promote good cyber security practises across their workforce and local community.”. More details, as well as the Connected Places Infographic, can be found here.
By ncsc.gov.uk
Stay Safe, Secure and Healthy!
Edition #271 – 8th March 2024
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
