21 MAY 2024 WEEKLY NEWSLETTER

BOCRA website

     

NEWSLETTER

 

New Android Banking Trojan Mimics Google Play Update App

                                                     LATEST CYBER HACKS 
 
 
icon

LLMjacking: Stolen Cloud Credentials Used in New AI Attack

The Sysdig Threat Research Team (TRT) recently observed a new attack that leveraged stolen cloud credentials in order to target ten cloud-hosted large language model (LLM) services, known as LLMjacking. The credentials were obtained from a popular target, a system running a vulnerable version of Laravel (CVE-2021-3129). Attacks against LLM-based Artificial Intelligence (AI) systems have been discussed often, but mostly around prompt abuse and altering training data.
icon

China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

Cybersecurity researchers have shed more light on a remote access trojan (RAT) known as Deuterbear used by the China-linked BlackTech hacking group as part of a cyber espionage campaign targeting the Asia-Pacific region this year.
icon

SideCopy APT Campaign Found Targeting Indian Universities

Cyble Research and Intelligence Labs (CRIL) researchers have uncovered a new SideCopy campaign. The threat actor group has previously been observed targeting South Asian nations with a particular focus on government and military targets in India and Afghanistan.


                                                      VULNERABILITIES
 
 
icon

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)

New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a “clone” operation.
icon

Flaw in Wi-Fi Standard Can Enable SSID Confusion Attacks

Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a wide range of its products.
icon

11 Vulnerabilities Found in GE Ultrasound Devices

Security researchers have identified nearly a dozen vulnerabilities in certain GE HealthCare ultrasound products that could allow malicious actors with physical access to the devices to implant ransomware or access and manipulate patient data stored on the affected devices, says a new report published Tuesday by Nozomi Networks.

                                     MALWARES
 
 
icon

SugarGh0st RAT Variant Used in Targeted AI Industry Attacks

Cybersecurity researchers have recently uncovered a sophisticated cyber campaign targeting organizations involved in artificial intelligence endeavors in the United States. 
icon

Ongoing Malvertising Campaign leads to Ransomware

Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typo squatted domains. In at least one observed case, the infection has led to the attempted deployment of ransomware.

                               GENERAL NEWS
 
 
icon

Internet outage felt across East Africa

The patchy service was a result of faults in the under-sea cables that connect the region to the rest of the world through South Africa, industry expert Ben Roberts told the BBC.
icon

Microsoft to unveil AI devices and features ahead of developer conference

The Qualcomm Snapdragon X Elite chips include a so-called neural processing unit that is designed to accelerate AI-focused applications, such as Microsoft's Copilot software.Microsoft's product event, a day before the start of its annual developer conference, is open to journalists and industry analysts who attend in person. It will not be live-streamed.