11 JULY 2024 WEEKLY NEWSLETTER

BOCRA website

     

NEWSLETTER

Join us on Slack

Follow us on Facebook

Splunk Addresses Critical Vulnerabilities in Enterprise and Cloud Platforms

                                                     LATEST CYBER HACKS 
 
 
icon

Nokia Faces Data Breach Allegations: 7,622 Employee Records Reportedly Compromised

Nokia Corporation, a prominent Finnish telecommunications and technology company, reportedly fell victim to a data breach. According to reports on BreachForums, a threat actor identified as 888 disclosed that over 7,622 records containing personally identifiable information (PII) of Nokia employees were compromised. 
 
icon

Fujitsu Data Breach: No Ransomware, But Advanced Attack Evades Detection

Fujitsu, the renowned Japanese tech giant, has confirmed a data breach that compromised personal and business information of some individuals and customers. The Fujitsu data breach, discovered earlier this year, did not involve ransomware but utilized sophisticated mechanisms to evade detection while exfiltrating sensitive details.
icon

New Blast-RADIUS attack bypasses widely-used RADIUS authentication

Blast-RADIUS, an authentication bypass in the widely used RADIUS/UDP protocol, enables threat actors to breach networks and devices in man-in-the-middle MD5 collision attacks.


                                                      VULNERABILITIES
 
 
icon

Apache fixed a source code disclosure flaw in Apache  http server

The Apache Foundation addressed a critical source code disclosure vulnerability, tracked as CVE-2024-39884, in the HTTP Server.
icon

Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days

Today is Microsoft's July 2024 Patch Tuesday, which includes security updates for 142 flaws, including two actively exploited and two publicly disclosed zero-days.

                                     MALWARES
 
 
icon

New Mallox Ransomware Variant Targets Linux Systems

New variant of Mallox ransomware targets Linux systems using custom encryption and a builder web panel. Cybersecurity researchers at Uptycs found decryptor which offers hope to victims, but maintaining backups and strong security practices are essential for defence.
icon

Decryptor for DoNex, Muse, DarkRace, (fake) LockBit 3.0 ransomware released

A cryptographic weakness in the DoNex ransomware and its previous incarnations – Muse, fake LockBit 3.0, and DarkRace – has allowed Avast researchers to create a decryptor for files encrypted by all those ransomware variants.
icon

ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks

"By utilizing CLR, ViperSoftX can seamlessly integrate PowerShell functionality, allowing it to execute malicious functions while evading detection mechanisms that might otherwise flag standalone PowerShell activity."

                               GENERAL NEWS
 
 
icon

You can now protect your high-risk Google account with just your phone

Google’s Advanced Protection Program required two physical security keys before — now all you need is a passkey.
icon

AI lie detectors lead people to make more false accusations, study finds

Researchers have discovered that participants were more likely to accuse others of lying when supported by a lie-detecting AI assistant, suggesting proponents of this lie-detecting technology should take pause before its wider implementation.