MS-ISAC ADVISORY NUMBER: 2024-097 DATE(S) ISSUED: 09/06/2024 OVERVIEW: A vulnerability has been discovered in SonicWall SonicOS Management Access and SSLVPN, which could allow for unauthorized resource access and in specific conditions, causing the firewall to crash. SonicOS is SonicWall’s operating system designed for their firewalls and other security devices. Successful exploitation of the most severe…

Read More

​Transport for London, the city’s public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack. On Monday, the transport authority reported the incident to relevant government agencies (including the National Cyber Security Centre and the National Crime Agency). It is now…

Read More

‘We sincerely apologize this incident occurred,’ according to a letter to Avis customers. Avis, the car rental company, has disclosed that threat actors accessed one of its business applications and accessed customer personal information. The Parsippany, N.J.-based company has sent letters dated Sept. 4 to customers whose information was accessed in the breach, according to…

Read More

For the week ending Sept. 6, CRN takes a look at the companies that brought their ‘A’ game to the channel including Verizon, Amazon Web services, Salesforce, Palo Alto Networks, and Couchbase. The Week Ending Sept. 6 Topping this week’s Came to Win list is Verizon for striking a $20 billion acquisition deal that will…

Read More

Image: MidjourneyAmerican car rental giant Avis notified customers that unknown attackers breached one of its business applications last month and stole some of their personal information. According to data breach notification letters sent to impacted customers on Wednesday and filed with California’s Office of the Attorney General, the company took action to stop the unauthorized…

Read More

Sep 06, 2024Ravie LakshmananNetwork Security / Threat Detection SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10.…

Read More

​After Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps. ActiveX is a legacy software framework introduced in 1996 that enables developers to create interactive objects that can be embedded in Office documents. Redmond will start by turning off ActiveX controls in documents opened…

Read More

Sep 06, 2024Ravie LakshmananSoftware Security / Hacking Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages. These attacks typically involve registering domains or packages with names slightly altered from their legitimate counterparts (e.g., goog1e.com vs. google.com). Adversaries targeting open-source repositories across…

Read More

Sep 06, 2024Ravie LakshmananCryptocurrency / APT Attack A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug (CVE-2024-36401, CVSS score: 9.8)…

Read More

A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device. A cryptocurrency recovery phrase, or seed phrase, is a series of 12-24 words that acts as a backup key for a cryptocurrency wallet. These phrases are used to restore access…

Read More