⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips

Latest Cybersecurity News and Threats (December 2024)

Key Highlights:

  1. Japan Airlines Cyberattack:

    • Japan Airlines was hit by a cyberattack, which delayed flights during the year-end holiday season. The attack is believed to be related to the LockBit ransomware group [1].
  2. Palo Alto Networks Vulnerability:

    • A critical vulnerability (CVE-2024-3393) in Palo Alto Networks firewalls allows unauthenticated attackers to trigger firewall reboots by sending malicious DNS packets. The vulnerability affects multiple PAN-OS versions and is exploitable only when 'DNS Security' logging is enabled. Palo Alto has released fixes in versions 10.1.14-h8, 10.2.10-h12, 11.1.5, and 11.2.3, but version 11.0 remains unpatched due to its EOL status [1][5].
  3. Chrome Extension Attacks:

    • Over 600,000 users were exposed to data theft due to 16 hacked Chrome extensions [3].
  4. Cloudflare Data Loss:

    • Cloudflare lost customer logs, which could potentially expose sensitive information [1].
  5. Microsoft Vulnerability Patch:

    • Microsoft has patched vulnerabilities affecting cloud, AI, and other services, including an exploited flaw [1].
  6. Zero Trust Architecture Integration:

    • Attack Surface Management (ASM) platforms are being integrated into Zero Trust Architectures (ZTA) to provide continuous monitoring and verification of all devices, users, and applications interacting with the network [2].
  7. IoT and OT Security Focus:

    • ASM tools are focusing more on securing IoT and OT devices by identifying vulnerabilities such as default credentials, unpatched firmware, and unsecured communications [2].
  8. Operation Serengeti:

    • This operation targeted criminal suspects in Africa behind ransomware, business email compromise, digital extortion, and scams [1].
  9. Russian Cyberspy Group APT28:

    • APT28 conducted a Nearest Neighbor Attack, hacking into the building across the street from the victim in order to attack the victim over Wi-Fi [1].
  10. Microsoft Phishing Website Seizure:

    • Microsoft seized 240 phishing-related websites and disrupted the ONNX service, which the company says is run by an Egyptian man [1].

Tools and Tips:

  1. AI-Powered ASM Solutions:

    • AI and machine learning (ML) are integral to ASM, enabling organizations to identify threats faster and more accurately. AI-driven platforms analyze vast amounts of data in real time, uncovering vulnerabilities that would be nearly impossible for human analysts to detect [2].
  2. Proactive Threat Intelligence:

    • Cyble’s AI-driven ASM platform provides comprehensive, proactive threat mitigation by continuously updating its threat intelligence database with actionable insights tailored to each organization’s unique attack surface [2].
  3. Patching Recommendations:

    • Organizations should update their firewalls to the latest patched releases to protect against the PAN-OS DoS flaw (CVE-2024-3393), and apply the available fix for the Apache MINA RCE vulnerability (CVE-2024-52046) [3][5].

By staying informed about these latest cybersecurity threats and tools, organizations can strengthen their cybersecurity posture and mitigate risks effectively.