Baseball fans across the US have been waiting months for their beloved sport to return. Opening day proved victorious for the Los Angeles Dodgers and the San Diego Padres, but as cybersecurity professionals know all too well, one win does not make a team impervious to the threat of being taken down by an opponent.
In many ways, building a successful baseball organization is much like designing an effective security strategy. The Baltimore Orioles are expecting the pitching power of Corbin Burnes to keep opponents off the bases this season. Meanwhile the White House has imposed sanctions on China for an alleged sweeping cyberespionage campaign while also planning for a new age of cyber threats to satellites.
Success demands defense in depth so that if a threat actor makes it from home plate to first base, that added layer of security prevents lateral movement around the bases. But maybe I’m getting over my skis on this baseball analogy. To ensure that malicious actors don’t fly under the radar, make sure to reserve a seat in the sessions you don’t want to miss at RSA Conference 2024. Not registered yet? Don’t miss out on the opportunity to join us May 6-9 in San Francisco.
Now let’s take a look at what else made industry headlines this week.
March 29: The vulnerability CVE-2024-28085 was found in the wall command of the util-linux package, which is part of the Linux operating system. It allows attackers on multi-user Linux systems to craft fake sudo prompts, potentially stealing passwords.
March 28: Attackers are exploiting a Microsoft SharePoint code injection vulnerability that enables authenticated attackers with Site Owner privileges to execute code remotely on vulnerable servers.
March 28: The Hacker News reported, “A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wild targeting China, Taiwan, Turkey, and Uzbekistan. DinodasRAT, also known as XDealer, is a C++-based malware that offers the ability to harvest a wide range of sensitive data from compromised hosts.”
March 27: According to The Register, Meta allegedly created a program called Project Ghostbusters to spy on its rival, Snapchat, to get data on how the app was being used.
March 27: The breach of UnitedHealth’s information technology network led to UnitedHealth Group paying $3.3 billion after the interruption left many health care providers temporarily unable to fill prescriptions or get reimbursed for their services.
March 26: “Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature,” KrebsOnSecurity reported.
March 26: President Biden announced the continuation of the national emergency declared in Executive Order 13694 with respect to significant malicious cyber-enabled activities originating outside the US, which continue to pose a threat to the national security, foreign policy, and economy of the United States.
March 25: According to CISA, Fortinet, Ivanti, and Nice products contain vulnerabilities that are frequent attack vectors and pose serious risks to the federal enterprise.
March 25: Security Week reported, “The White House has nominated Michael Sulmeyer as the first assistant secretary of defense for cyber policy at the Department of Defense.”