2 AUGUST 2024 WEEKLY NEWSLETTER

BOCRA website

     

NEWSLETTER

 

New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication

                                                     LATEST CYBER HACKS 
 
 
icon

Microsoft confirms Azure, 365 outage linked to DDoS attack

Microsoft said a DDoS attack led to an eight hour outage involving its Azure portal, as well as some Microsoft 365 and Microsoft Purview services. 
icon

Sitting Ducks DNS attacks let hackers hijack over 35,000 domains

Threat actors have hijacked more than 35,000 registered domains in so-called Sitting Ducks attacks that allow claiming a domain without having access to the owner's account at the DNS provider or registrar.
icon

Attackers Hijack Facebook Pages, Promote Malicious AI Photo Editor

 

Attackers are hijacking pages on Facebook to lure victims into downloading a legitimate artificial intelligence (AI) photo editor, but then serving up a widely distributed infostealer to rob users of their credentials instead.


                                                      VULNERABILITIES
 
 
icon

Apple Extends Zero-Day Patch to Older Macs, Urges Immediate Update

Apple has expanded its security efforts by backporting a critical zero-day patch to older Mac models running macOS Monterey 12.7.6. The vulnerability, tracked as CVE-2024-23296, was previously addressed in March for newer devices but is now confirmed to have been actively exploited in the wild.
icon

Multiple SMTP Servers Vulnerable to Spoofing Attacks, Hackers Bypassing Authentication

A recent discovery has unveiled vulnerabilities in multiple hosted, outbound SMTP servers, allowing authenticated users and certain trusted networks to send emails with spoofed sender information.

                                     MALWARES
 
 
icon

Massive SMS stealer campaign infects Android devices in 113 countries

A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal one-time 2FA passwords (OTPs) for over 600 services.

icon

New Android Banking Trojan BingoMod Steals Money, Wipes Devices

Cybersecurity researchers have uncovered a new Android remote access trojan (RAT) called BingoMod that not only performs fraudulent money transfers from the compromised devices but also wipes them in an attempt to erase traces of the malware.
icon

Google ads push fake Google Authenticator site installing malware

Google has fallen victim to its own ad platform, allowing threat actors to create fake Google Authenticator ads that push the DeerStealer information-stealing malware.


                               GENERAL NEWS
 
 
icon

Apple releases iOS 18.1 developer beta with the first ‘Apple Intelligence’ iPhone features

Apple has just released the developer betas for iOS 18.1, iPadOS 18.1, and macOS Sequoia 15.1, giving users access to the company’s first set of AI features.
icon

Oracle challenges cloud giants with new Nvidia AI hardware offerings

Oracle announced today an expansion of its partnership with Nvidia, introducing new GPU options and AI infrastructure services on Oracle Cloud Infrastructure (OCI) . This move signals a maturing artificial intelligence market and aims to provide more flexibility for businesses of all sizes looking to leverage AI capabilities.