Skip to content
Home » SIEM Tuning Insights » Cyber Security Brief 5/14/2024

Cyber Security Brief 5/14/2024

Cyber Security brief Blue team in a blue room.

Vulnerability Management

Below is the Cyber Security Brief 5/14/2024.

  • To protect against Black Basta ransomware, the FBI, CISA, and HHS have advised healthcare organizations to harden their systems.
  • As part of a broader cyberattack, hackers have hacked several U.S. agencies. They exploited a vulnerability in MOVEIt, a popular tool for transferring files quickly.
  • The DarkGate malware operation has launched a new wave of attacks that exploit a recently patched Windows Defender SmartScreen vulnerability (CVE-2024-21412).
  • Rapidly exploiting newly disclosed vulnerabilities, the threat actor group Magnet Goblin is targeting public-facing servers and edge devices.
  • The North Korea-based Kimsuky APT is propagating a new malware called ToddleShark by abusing ScreenConnect bugs, CVE-2024-1708 and CVE-2024-1709.
  • A new Migo malware has been spotted. It targets Redis servers to mine cryptocurrency and uses system-weakening commands to disable security features.
  • A new wave of attacks exploiting a recently patched Windows Defender SmartScreen vulnerability (CVE-2024-21412) has been launched by the DarkGate malware operation.
  • The threat actor group Magnet Goblin is rapidly exploiting newly disclosed vulnerabilities to target public-facing servers and edge devices.
  • The North Korea-based Kimsuky APT is abusing ScreenConnect bugs, CVE-2024-1708 and CVE-2024-1709, to propagate a new malware called ToddleShark.
  • A new Migo malware targeting Redis servers to mine cryptocurrency and utilizing system-weakening commands to disable security features has been spotted.
  • A man from Tracy has been federally sentenced for accessing the computer network of the Discovery Bay Water Treatment Facility and shutting it down in 2021.
  • BT is ramping up its use of AI to counter hacking threats to its business customers.
  • A colossal cyber-attack has hit US companies. The attack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.

CISA News

  • More than 500 private industry and critical infrastructure organizations across North America, Europe, and Australia have been targeted by Black Basta affiliates; resulting in data encryption and theft from at least 12 out of 16 CI sectors.
  • Mike Duffy, the associate director for capacity building in the cyber division at CISA, will take over for DeRusha on an acting basis.

Please note that this is a Cyber Security Brief 5/14/2024 summary created by AI. For more detailed information, you should refer to the respective sources. Stay safe and secure!

Read Yesterdays Cyber Security Brief

Check out my Friend’s book “The ABC’S of Cyber Security: Total Cyber Security for Small and Medium Sized Businesses”

Leave a Reply

Your email address will not be published. Required fields are marked *