Cyber Threat Report: Cyber Security News for 07/07/23

CISA Warns Samsung Handset Bugs and D-Link Router Flaws are Being Exploited in Wild
The most severe Samsung bug is a vulnerability (CVE-2021-25487) classified as an out-of-bounds read error impacting the handset modem interface driver. The flaw can lead to arbitrary code execution by an adversary. Both Samsung and NIST classified the bug as “high severity”. Read More

New tool exploits Microsoft Teams Bug to Send Malware to Users
A member of the U.S. Navy's red team has published a tool called TeamsPhisher that leverages an unresolved security issue in Microsoft Teams to bypass restrictions for incoming files from users outside of a targeted organization, the so-called external tenants. Read More

Human Error the Leading Cause of Cloud Data Breaches
The leading cause of cloud data breaches was human error, at 55%, according to the report. This was significantly above the next highest factor identified by respondents (21%), which was an exploitation of vulnerabilities. Read More

Cisco Warns of Bug that Lets Attackers Break Traffic Encryption
The flaw was found during internal security testing in the ACI Multi-Site CloudSec encryption feature of data center Cisco Nexus 9000 Series Fabric Switches. Read More

Ransomware Criminals Are Dumping Kids’ Private Files Online After School Hacks
The confidential documents stolen from schools and dumped online by ransomware gangs are raw, intimate, and graphic. They describe student sexual assaults, psychiatric hospitalizations, abusive parents, truancy — even suicide attempts. Read More

The University of California sues Lloyd’s of London in a cyber insurance dispute
Lawsuit claims Lloyd’s of London refused to reimburse the university system for the costs of data breaches covered in a cyber insurance policy. Read More

75% Of Consumers Prepared To Ditch Brands Hit By Ransomware
As 40% of consumers harbor skepticism regarding organizations’ data protection capabilities, 75% would shift to alternate companies following a ransomware attack. Read More

U.S. Law Firms Targeted in New GuLoader Campaign
The campaign has been specifically targeting American law firms, along with healthcare and investment firms. Read More

330K FortiGate firewalls are unpatched and open to RCE attacks
NIST rates the critical flaw with CVSS severity score of 9.8 out of 10. Read More

Capita’s Own Pension Scheme Suffered Data Breach In March Hack
Revelation comes as PwC retirement fund members learn additional personal data was compromised in an attack. Read More

HEADLINE PRIVACY & IT SECURITY COMPLIANCE NEWS

CISA, or the Cybersecurity and Infrastructure Security Agency, has disclosed the exploitation of critical vulnerabilities in Android and D-Link systems by the advanced persistent threat (APT) group known as iWild. These flaws pose significant risks to Android users and individuals using D-Link routers, potentially allowing unauthorized access and control. CISA warns that the APT group actively exploits the vulnerabilities to gain persistent access to targeted systems and steal sensitive information. This revelation highlights the urgent need for users to update their Android devices and D-Link routers to the latest firmware versions to mitigate these risks.

A recently discovered security vulnerability in Microsoft Teams has been exploited by a new tool that enables the delivery of malware to unsuspecting users. The bug, which has not yet been patched, allows attackers to send a specially crafted GIF file to a Teams user, which, when opened, triggers the execution of malicious code. This technique bypasses the platform's built-in security measures and poses a significant threat to organizations relying on Teams for communication and collaboration. Users are advised to exercise caution when receiving unexpected files and to update their Teams application as soon as a fix becomes available.

Get in touch with us to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.